Report - blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html

Report Overview

Submitted URL
blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
IP
78.41.204.33
ASN
#62370 Snel.com B.V.
Submitted
2022-12-01 01:29:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	46 kB	34.120.237.76
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	728 B	23.36.76.226
cdntechone.com	64371	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	6.4 kB	188.114.97.1
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.5 kB	151.101.194.133
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	81 kB	93.158.134.119
blog.afterlivre.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.7 kB	78.41.204.33
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.201.177
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	93.184.220.29
storage.googleapis.com	420	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	677 B	2.2 kB	142.250.74.80
findyourhalf.top	462646	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	435 kB	104.26.14.100
itcleffaom.com	72236	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	8.6 kB	139.45.197.237
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
belia-glp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.0 kB	3.208.247.235
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	745 B	139.45.195.8
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
1865e08ae4.smapp.work	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	1.2 kB	35.186.250.143
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	172.64.155.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	itcleffaom.com	Sinkholed
2022-12-01	medium	itcleffaom.com	Sinkholed

JavaScript (30)

	URL	Size	First Seen	Last Seen
	findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab	1.7 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:41:12 Last Seen2023-03-11 23:32:19 Times Seen1 Hash 4a9a3b78e00ea0807d710b5749526d68 02bf956306ff281dd00400af3dadafc63b658791 cec0377e555ae3eeb46cb2217dd76da552adb73777fa05c04dd4d97f6deb0df5 Loading...

	findyourhalf.top/js/v-xhr.js.1d225573.js	3.0 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/v-xhr.js.1d225573.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 0d59c8d4db9b966d2516a4b5165318db c7efe3b87fd678f300aaea89b052f3e077e34aeb 8c94ac67f56e9dfdfa9c82b5288ca2af2ea99dfea0f9d9f5886ff73f24f6e280 Loading...

	belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97	849 B	2023-03-11	2023-03-11
Pretty URL belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97 IP 3.208.247.235 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:17:30 Last Seen2023-03-11 23:17:30 Times Seen1 Hash a71c7639d24243cb7353b3a03bdf9e35 3d17df9688219013b645b0ad6c6e63dfd8c7b8c5 b66f598f5e7958c74b7b74619c317de736ab629b210c64dc789b8811412ba186 Loading...

	1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23	217 B	2023-03-11	2023-03-11
Pretty URL 1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23 IP 35.186.250.143 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:17:30 Last Seen2023-03-11 23:17:30 Times Seen1 Hash bfce6d31b70554ebb1e8838bc0a20933 3dcd209485fbcedac10a3726543e9065ef1292f9 8911606eb7cb142650be393e2d807cb2976ac81183f4401d0764651cc440ca1d Loading...

	findyourhalf.top/js/v-AxiosHeaders.js.13fc3a8c.js	5.4 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/v-AxiosHeaders.js.13fc3a8c.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:18 Times Seen1 Hash faba8cd5c741216bceb1d34f408ce177 2f0306d6368762e81c4b871756695815b7ec7ff4 4733e186b08af203c3b29d9cf69d3e90424c8037532fdf9f14642582b784e147 Loading...

	findyourhalf.top/js/each-land-config.9797ee02.js	82 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/each-land-config.9797ee02.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 1ecab8888c4ec3af8e83fbcd77556f45 b3deb48a848ba0f10fd29de6c5e31344730b5496 e9db3454f97736fa1ed57562aed0851f9a54e13e781bf14c4f421198e480bb52 Loading...

	cdntechone.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-12 10:47:00 Times Seen1 Hash 06f6499fd0fa0ed3ab7e4e5220824cf4 7d46143675b281760790105a32018a6ebd62884d 2b9e2b7f5c251c5b5490e5e8adbda9acdf687b74eb8d5a8d8f2ee1a0104bae3f Loading...

	belia-glp.com/zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	147 B	2023-03-08	2023-03-12
Pretty URL belia-glp.com/zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.208.247.235 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:15:04 Last Seen2023-03-12 14:39:46 Times Seen1 Hash a7c263c33adef8ab76c22a4b90d5d235 65b0af7b1bef84436acee0c271110725b65ceb47 7272c6a785ca03cf705335965d035610b2f8109fcbab9092c3a2f1a95bf51ffa Loading...

	storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=	549 B	2023-03-07	2023-03-29
Pretty URL storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0= IP 142.250.74.80 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:29 Last Seen2023-03-29 23:22:44 Times Seen2 Hash 4aa9f0c885c4daefe433ebc29ecc3b1c 28b6e23e9ac4ac4a28c62fc35c46d40c806957f4 b7c6d98f519644b7b5347ca4631abc5652cd43520e2dc384bb968a2bd72bdfa3 Loading...

	1865e08ae4.smapp.work/api/v1/click/confirm.js?data=gAAAAABjiANwPQpr9Uk3spZUsLYSqRS7n2lU7yF92Tp54tE1z5B1tgqJilqM1pHvT86Ixad6jCo7aspvIKpV87RqC9b_P-UV-Ob1bwDDzwlw5qmhD8dyT7xYAYReu2-8ZOpaa8ShnPP60pgu7hByxOh8DscrKL_s8nCyjlgmKxgiCjyWRhoOwusmqgcZLPc1JvkPwN8c80NgbKZmvRUKVigyMxYfeWx9WlLUqL_XQ-piVL-TMcILrpcROlymXkQnHfB4KNuzk5cMc30tK6JSBTcweUgX5NP5XR4rV6xvChfgiFDTJptC2yrxIYdInOnA7Iq5mUTHYrv61ohQMPLR72VtDKwsljlsRJELZO95Svje_oYm5Q-qSqtooazOUSZv1kZiqKnOd5x-mw_Q5zUKfq9wuYqJxTP7mqFtKrh3UpUoCFirFqFQKLUbmPjOLU-mJzKwV7WpRxWXqZHpgnZtSh4xoXgO2_bJ99mdCJiZJyPp8NI4Do2viLxZ0yrfyh7njqGfghnDsz3RLCR3MURRTj_Jqfijr9akbhtlJVe1oDkZqYVbRpNTJXdxsDr78BfM8Rjupx82SIooCzehkA1VLcEnTEtv2emkQOFm80CE5XDSPsB52lrczkGj_z31J5X1FlbetwNzb5gqRDWhy4yGEQN-7RsUz8tk_NUxck8Mxb9fXnu7Zc3eUVvECl2hYOREb2OhYznCvQ61YSLkUjI9C5-DitPGHuxUyGoJXBkUR4FB7MgEtWj7xrjkqgVFifmUp0wlDUKebH64C-e3kMmUIGycYbez9agv4rg-Zetr5xYkPDWjbwxNCr7qxUZB86lOL0Kv4Q0BMW6bhN_TZPVkfrLFL-hQC21gLbrF4p67wnsoEb1wubNfUPbVSzjnmqwA3zXlbyzT3kp9moHHtklXIBz6fVs1cyNFkLFRIHH-whDmk5xdCMfsvmUxFQcfEm-eOJTPF-waRykbwZtZpJTPeeJiy4LDZ4c5R0ixntxw0D7PoQ7OJJ-BCGQD7RZGHMFMAaeqWC9LuLPHVLuKKwLfNDAScziCzY6Tj92_8OBlZeqJ5AqkwRKn2tUzoyYVBYXaFVY7mjofWWIEvVqCvGvv0oljvKtvK81-K5igzy8_OznEix6cBugm-q_Ree1ZLZyH0iNF9eaI4Tie66JeI5B9H-yd90JW5lhdjGrm0Ip44n9e6p77hjON2_dqPSv5fT2J2vvqTSF7S0uC5C8VZONGNblAyy7BaWnQWuoKjE-HbuUI8TaFVuDI6-oahQE397omJy3sqBjCWxpGI6Ur-WS2kVnq37xU_Bh4yYrUOHKfT-wYL_o52wmLro6YOEnAljUax2hSRnYqJG_76wjOcqEbUx_f2kVj6Z_MRkLFrdHypSRvfsx-gFgwJ1-YOd6q-JZHkTdUQBc3Do12tIT1llAodjSWVfJC5pIjJlKG8zijYiePtn189wEKExLJ71JpeSh4jd48NaietaZ3vbjdSa5LTLps9WZS7s4Nu8sTjfS8mXpHDCGwsJ0FrcMdzhahdqQl-8VYNbCGVBtk4vUGux-7QVLrl-b-dzag1ZKznzj9CFncmq5Xz4h7Pt0ojfQZXgTNaVyLlFp2bWCAxCX7N9CjOpCgd-PIevzGjQ06rkx9ndllbInOoK_GNJyxZ_rXuHeTgD4XfK8Ubm2pY_FNwfrSW20eLae3fKKgb4S-aWGlWqnkgiPO867DYaprisvmGTmyKDy4q5DX0bAgWiEPs0ds5WaXE9MZREktsvwDOYqj3VIiOTXymCo7H77dj-wcZ8clu4dWJNkBRq0LxQ9aSxsJaG-yLpJcfFC6olZPX2YqGuWvZ5IOmTzBVmcGr7Mwe4htZ4tFD7GeOZF2waoy7CihHce7pLFEwIhSvnSrhHEuIrNIMham5O_eMz7Ume_IrdwvYky3JxZb77jF6WtU-LU5QM9S62CeyqolMMAlhioTAGk25cwt-PxuWmat7_b27Hmq_FjTqjO82w3PeXt-KwN-P9EdtFOvQkGxweeHlkmC-heGKyYBQoGjpPyzn7-1wPYzoP1H2bRpd_AcslBC36-ZXnG7fsuGuY2xh-9uDtGmUlvrx_ZTnkqa7jMjyo3oDki1GIInnqut8ULcDU-soeF2MEETR4yx-oDiNSFXg5sYiJyb8YIaqvLPUDNV_Jzy2wuN2_w6lAWiNF1yR7z7wjwiNNSUoCtETBKRvPescIgPbKRpPkpGx_JN32p6DhHwgcpiVtv2uNvS6DZ13oy9yGtBZSRmecKQpEJ8YFNFo3cuA9A3wZclN8NvfA9N3kCCImD1NQoNCjoM5AGVHKDmq9jtcUIvEX_qBygXqRj_eNY9XMAQaC_yjNlt0np5gp3mYjef5ZwKb5zqrNqIAO0VQjEVGZQartK0QV20ZcGEfRBzVuXlVrn4RkKMMUyuJ4WXwUu3xgkdftxUPWUbTpsf0g_zBUMSLIKNjBZtSECmcLgmWEeYhtS764W0v1ltQVnkqyBzLy2jSu17H1JOsMeODNMHQ1ktjf0ry9QtWqXUN07gVaFPuTMfqSFZmnIBJeG8Ulo-xYgica2eyMwU	0 B	2023-03-07	2024-04-24
Pretty URL 1865e08ae4.smapp.work/api/v1/click/confirm.js?data=gAAAAABjiANwPQpr9Uk3spZUsLYSqRS7n2lU7yF92Tp54tE1z5B1tgqJilqM1pHvT86Ixad6jCo7aspvIKpV87RqC9b_P-UV-Ob1bwDDzwlw5qmhD8dyT7xYAYReu2-8ZOpaa8ShnPP60pgu7hByxOh8DscrKL_s8nCyjlgmKxgiCjyWRhoOwusmqgcZLPc1JvkPwN8c80NgbKZmvRUKVigyMxYfeWx9WlLUqL_XQ-piVL-TMcILrpcROlymXkQnHfB4KNuzk5cMc30tK6JSBTcweUgX5NP5XR4rV6xvChfgiFDTJptC2yrxIYdInOnA7Iq5mUTHYrv61ohQMPLR72VtDKwsljlsRJELZO95Svje_oYm5Q-qSqtooazOUSZv1kZiqKnOd5x-mw_Q5zUKfq9wuYqJxTP7mqFtKrh3UpUoCFirFqFQKLUbmPjOLU-mJzKwV7WpRxWXqZHpgnZtSh4xoXgO2_bJ99mdCJiZJyPp8NI4Do2viLxZ0yrfyh7njqGfghnDsz3RLCR3MURRTj_Jqfijr9akbhtlJVe1oDkZqYVbRpNTJXdxsDr78BfM8Rjupx82SIooCzehkA1VLcEnTEtv2emkQOFm80CE5XDSPsB52lrczkGj_z31J5X1FlbetwNzb5gqRDWhy4yGEQN-7RsUz8tk_NUxck8Mxb9fXnu7Zc3eUVvECl2hYOREb2OhYznCvQ61YSLkUjI9C5-DitPGHuxUyGoJXBkUR4FB7MgEtWj7xrjkqgVFifmUp0wlDUKebH64C-e3kMmUIGycYbez9agv4rg-Zetr5xYkPDWjbwxNCr7qxUZB86lOL0Kv4Q0BMW6bhN_TZPVkfrLFL-hQC21gLbrF4p67wnsoEb1wubNfUPbVSzjnmqwA3zXlbyzT3kp9moHHtklXIBz6fVs1cyNFkLFRIHH-whDmk5xdCMfsvmUxFQcfEm-eOJTPF-waRykbwZtZpJTPeeJiy4LDZ4c5R0ixntxw0D7PoQ7OJJ-BCGQD7RZGHMFMAaeqWC9LuLPHVLuKKwLfNDAScziCzY6Tj92_8OBlZeqJ5AqkwRKn2tUzoyYVBYXaFVY7mjofWWIEvVqCvGvv0oljvKtvK81-K5igzy8_OznEix6cBugm-q_Ree1ZLZyH0iNF9eaI4Tie66JeI5B9H-yd90JW5lhdjGrm0Ip44n9e6p77hjON2_dqPSv5fT2J2vvqTSF7S0uC5C8VZONGNblAyy7BaWnQWuoKjE-HbuUI8TaFVuDI6-oahQE397omJy3sqBjCWxpGI6Ur-WS2kVnq37xU_Bh4yYrUOHKfT-wYL_o52wmLro6YOEnAljUax2hSRnYqJG_76wjOcqEbUx_f2kVj6Z_MRkLFrdHypSRvfsx-gFgwJ1-YOd6q-JZHkTdUQBc3Do12tIT1llAodjSWVfJC5pIjJlKG8zijYiePtn189wEKExLJ71JpeSh4jd48NaietaZ3vbjdSa5LTLps9WZS7s4Nu8sTjfS8mXpHDCGwsJ0FrcMdzhahdqQl-8VYNbCGVBtk4vUGux-7QVLrl-b-dzag1ZKznzj9CFncmq5Xz4h7Pt0ojfQZXgTNaVyLlFp2bWCAxCX7N9CjOpCgd-PIevzGjQ06rkx9ndllbInOoK_GNJyxZ_rXuHeTgD4XfK8Ubm2pY_FNwfrSW20eLae3fKKgb4S-aWGlWqnkgiPO867DYaprisvmGTmyKDy4q5DX0bAgWiEPs0ds5WaXE9MZREktsvwDOYqj3VIiOTXymCo7H77dj-wcZ8clu4dWJNkBRq0LxQ9aSxsJaG-yLpJcfFC6olZPX2YqGuWvZ5IOmTzBVmcGr7Mwe4htZ4tFD7GeOZF2waoy7CihHce7pLFEwIhSvnSrhHEuIrNIMham5O_eMz7Ume_IrdwvYky3JxZb77jF6WtU-LU5QM9S62CeyqolMMAlhioTAGk25cwt-PxuWmat7_b27Hmq_FjTqjO82w3PeXt-KwN-P9EdtFOvQkGxweeHlkmC-heGKyYBQoGjpPyzn7-1wPYzoP1H2bRpd_AcslBC36-ZXnG7fsuGuY2xh-9uDtGmUlvrx_ZTnkqa7jMjyo3oDki1GIInnqut8ULcDU-soeF2MEETR4yx-oDiNSFXg5sYiJyb8YIaqvLPUDNV_Jzy2wuN2_w6lAWiNF1yR7z7wjwiNNSUoCtETBKRvPescIgPbKRpPkpGx_JN32p6DhHwgcpiVtv2uNvS6DZ13oy9yGtBZSRmecKQpEJ8YFNFo3cuA9A3wZclN8NvfA9N3kCCImD1NQoNCjoM5AGVHKDmq9jtcUIvEX_qBygXqRj_eNY9XMAQaC_yjNlt0np5gp3mYjef5ZwKb5zqrNqIAO0VQjEVGZQartK0QV20ZcGEfRBzVuXlVrn4RkKMMUyuJ4WXwUu3xgkdftxUPWUbTpsf0g_zBUMSLIKNjBZtSECmcLgmWEeYhtS764W0v1ltQVnkqyBzLy2jSu17H1JOsMeODNMHQ1ktjf0ry9QtWqXUN07gVaFPuTMfqSFZmnIBJeG8Ulo-xYgica2eyMwU IP 35.186.250.143 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 04:35:07 Times Seen37030470 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab	68 B	2023-03-07	2024-03-29
Pretty URL findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:41 Last Seen2024-03-29 11:15:22 Times Seen9 Hash 3d55c512d6c7136956121b4934fc2ef3 eda64499c2251027992890cfdd0508ce4ed66162 3097c84c489a39c0bfbf9e06204208486a28fde41dc93693244183abd081782a Loading...

	mc.yandex.ru/metrika/tag.js	214 kB	2023-03-11	2023-03-11
Pretty URL mc.yandex.ru/metrika/tag.js IP 93.158.134.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:05:47 Last Seen2023-03-11 23:40:23 Times Seen1 Hash 69affab62c527f101c5f94ef1d942796 49965ce6a3aedc9ecd5bd84df4f35aed3a350587 5d2aed090d3053f5ce03cf83712c314bb3f8354af47e248f5168983d4c61c60a Loading...

	blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html	435 B	2023-03-11	2023-03-11
Pretty URL blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html IP 78.41.204.33 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:17:30 Last Seen2023-03-11 23:17:30 Times Seen1 Hash 882db7d5c23bc8e1eb44e49aaaf7ca1d aca1b58cb55240148dbe723a3a1b8ddd552d0ed3 73d90ad5fd1fcccfa0b6d04d3019e1277ed75a4595c50c8635b090917d66d5cb Loading...

	storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=	357 B	2023-03-07	2023-03-29
Pretty URL storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0= IP 142.250.74.80 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:29 Last Seen2023-03-29 23:22:44 Times Seen2 Hash 82c326b2f2b81910bfab0764c3cd5e99 cf843b2580a5e6d793ab592ce0cf4b6ad88458b7 559bde18dca6a36e294d1962a5a34559f3f55cef6894736fea6788a7d0f7e8af Loading...

	1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23	527 B	2023-03-07	2023-03-29
Pretty URL 1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23 IP 35.186.250.143 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:29 Last Seen2023-03-29 23:22:44 Times Seen4 Hash 16a2d55a725a7a39cd9f9c19f92c88ef 483cf77189d199f11c43d9f069fb2aa2445b6e1c bb0705168645b25f4c861b5aafd6a4a4d8b9c21a011bbc862546ed163a743a92 Loading...

	findyourhalf.top/js/v-index.js.2c18e767.js	37 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/v-index.js.2c18e767.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:19 Times Seen1 Hash 55b1d1bf2066ebc4991a64dea317ec50 59afeffdb3e8816ffc046bf96a028e1ad456d1bb cd63dabb1adaa62dfe6fe31c2893c4f53b8bc762cd1d0ce8db20999a37cfcb04 Loading...

	findyourhalf.top/js/v-react-dom.production.min.js.19c87283.js	129 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/v-react-dom.production.min.js.19c87283.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 3338c205e3468849eeb63f859bd9eace 9aa2732118ad28ab0e16e7f53e52c21bbc9e4768 b865c472dc25ef893147ff8c22be01bc254b43ff420db5107d81273d565c824b Loading...

	findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e%3Acdc419073d485f613f24358e7f7a71c98c4977ab&utm_campaign=6100_8532&utm_medium=4655142&utm_content=zd_public_v2	102 B	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e%3Acdc419073d485f613f24358e7f7a71c98c4977ab&utm_campaign=6100_8532&utm_medium=4655142&utm_content=zd_public_v2 IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:17:31 Last Seen2023-03-11 23:17:31 Times Seen1 Hash 9ea86d5a073a27203ddb407c9c00f44e afc5f822d1262817681429cbbeac06d13f035d43 cc8b09f5615a33b819c2af1bf7f37c890f7fa7b1677c62a8d3c4873af8491e8c Loading...

	findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab	1.2 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 39fe5833ed4b95f2129b94c95c212c16 60fdbd8a5fc2c1f29b00ffcd5cd855015521c96e 8b6421b227ca90c44ca289df60f9780c0de0f01e20ebb5c0a9ec1699c8220ef4 Loading...

	findyourhalf.top/js/_global-config-sd.33011211.js	365 B	2023-03-08	2023-03-11
Pretty URL findyourhalf.top/js/_global-config-sd.33011211.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-11 23:51:42 Times Seen1 Hash afe14b24ef2d99172e4e37d4c3185444 4b289b317d75b93ba666b5fe55ae08110f6e7f21 2b61fb3f4b27ac1ae170b37397cb88c6eaf2ac7849b943960c54762a30a049cc Loading...

	findyourhalf.top/js/rtc.08b364bc.js	11 kB	2023-03-08	2023-03-12
Pretty URL findyourhalf.top/js/rtc.08b364bc.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-12 21:16:07 Times Seen1 Hash 38f629c75b69a6d96eed768b9e38d7bd 00e96ebe297fe4eb7829bd5d260a515b58107671 58d3dfb386be8f3387c6eaf42bee668c4ea8d30aba5f2f8fe73d4e1c044658e4 Loading...

	findyourhalf.top/js/survey.6.dda5ce24.js	206 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/survey.6.dda5ce24.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:28:46 Times Seen1 Hash cd270be19cf2516ee6fcaa7312364392 98ac1ad523b34279ea034bc3f2ce9105279d7343 f5758f5463a6d183ea9ea3747833a3165a399012e67d5e0eaf83c2efde58f700 Loading...

	findyourhalf.top/js/survey-dating.bf46a302.js	1.1 kB	2023-03-08	2023-03-12
Pretty URL findyourhalf.top/js/survey-dating.bf46a302.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-12 21:43:21 Times Seen1 Hash 4725eb19c88d823aa980f76d8a9ee645 48a025c477bcf3a98feab2f65f84cedd3f096f75 afb3505b719d54f30dec83b5a8651980a561750e17fcd4dae18b9f06759448dc Loading...

	1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23	38 B	2023-03-07	2023-03-29
Pretty URL 1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23 IP 35.186.250.143 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:29 Last Seen2023-03-29 23:22:44 Times Seen4 Hash a59fe899946d7b1b66a1dc7b5df07502 eefea215c3610b9853214667e71794084ba37d79 f0d03bdf1a7271543a86d472a32683cbbab15ef828d7954d59a042adf91e20c6 Loading...

	findyourhalf.top/js/v-utils.js.10c42cc1.js	8.6 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/v-utils.js.10c42cc1.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 728fe55509aad8f774cbb937ec6e1cc0 808bd00e22b2d263c5330f3caacf985fcc41aee8 817e07abd88ecbeba51ee2b41c741b9db996a34838fa2f7649a33a832a0f3b10 Loading...

	findyourhalf.top/js/v-redux-toolkit.esm.js.3f7dc52e.js	10 kB	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/js/v-redux-toolkit.esm.js.3f7dc52e.js IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:04:09 Last Seen2023-03-11 23:32:19 Times Seen1 Hash 333dc29553b72251a2c0ef05fadbd7d0 41585ea5b220ab51bfa4e375a2bb48592b3a161c 204863f9193545021e3faf0f01012ea68975df0d0bbc935e9235f8f87396d05e Loading...

	findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab	330 B	2023-03-11	2023-03-11
Pretty URL findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:01:48 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 4a9c32ff917c1facdb57dbc3aa40a341 793cf0e912de0e83d0f84bee6f0228f4aa58295c bd256e64393f8a5d8d85cb92c51e729c42aa2ab635e8043d6960e6f9f6c7ac7f Loading...

	findyourhalf.top/pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_8532&cdn=1&domain=laugoust.com	78 kB	2023-03-08	2023-03-13
Pretty URL findyourhalf.top/pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_8532&cdn=1&domain=laugoust.com IP 104.26.14.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-13 08:21:24 Times Seen1 Hash 27fd7e6012f9f65323a53c4dfff1b89c 7a5551cecbcd280e3d39d40d6526d41ec4629a58 148d4c62ff3e5e3ee015732ea7c24c36ef2d873f1bc29e3dc4efb2c3937cbf9d Loading...

		Size	First Seen	Last Seen
	#1 Eval - cc772913ec04ab6ebc24c2680af1f46a	79 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:17:31 Last Seen2023-03-11 23:17:31 Times Seen1 Hash cc772913ec04ab6ebc24c2680af1f46a 42b407eaf6c576c4d172a5771fa415709023360f 927c0373cb4594320f96ad15ddedc1afe119620cd99c12a032031e7e1a30be75 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (78)

URL IP Response Size

blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html

78.41.204.33

200 OK

539 B

URL HTTP/1.1
blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
IP
78.41.204.33:0
ASN
#62370 Snel.com B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (539), with no line terminators
Size
539 B (539 bytes)
Hash
80266c9784dbc7d9e1e8bf8a423811b2
3014d01f87b734de48fcd57cbff314f8f68b5b93
25b1b1ad150552e9a24ef6a5f13ee7d4a3292844840c420632da0bfec7e04658

HTTP Headers

GET /livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html HTTP/1.1
Host: blog.afterlivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 539
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 01:29:18 GMT
server: nginx
set-cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0; path=/; domain=.afterlivre.com; expires=Tue, 19 Dec 2090 04:43:25 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14077
Expires: Thu, 01 Dec 2022 05:23:55 GMT
Date: Thu, 01 Dec 2022 01:29:18 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3441
Cache-Control: max-age=122362
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:29:18 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:28:40 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 01:18:05 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 673
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19242
Expires: Thu, 01 Dec 2022 06:50:00 GMT
Date: Thu, 01 Dec 2022 01:29:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dZjgEvNNVVgVkQ6M+eNHctZOkxo0Jm5nijL9ENm2+FBnNLNWNnuIOgqAqyOgjk0oIV6VLNalNPc=
x-amz-request-id: VRG7A270ZSEQXFDF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 00:46:04 GMT
age: 2594
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:29:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

blog.afterlivre.com/favicon.ico

78.41.204.33

404 Not Found

9 B

URL HTTP/1.1
blog.afterlivre.com/favicon.ico
IP
78.41.204.33:0
ASN
#62370 Snel.com B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: blog.afterlivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
Cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Thu, 01 Dec 2022 01:29:19 GMT
server: nginx

blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTg2NTM1OCwiaWF0IjoxNjY5ODU4MTU4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc204ZTlmMmowdWRjOGZsaDAwbHY1azYiLCJuYmYiOjE2Njk4NTgxNTgsInRzIjoxNjY5ODU4MTU4NjMyNzA4fQ.5u6SWnadbrTJWxLYf1e547nP4Dlw6bYOLSSKNYOzEJI&sid=9334fca0-7117-11ed-8fa9-096a5cd551b0

78.41.204.33

302 Found

11 B

URL HTTP/1.1
blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTg2NTM1OCwiaWF0IjoxNjY5ODU4MTU4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc204ZTlmMmowdWRjOGZsaDAwbHY1azYiLCJuYmYiOjE2Njk4NTgxNTgsInRzIjoxNjY5ODU4MTU4NjMyNzA4fQ.5u6SWnadbrTJWxLYf1e547nP4Dlw6bYOLSSKNYOzEJI&sid=9334fca0-7117-11ed-8fa9-096a5cd551b0
IP
78.41.204.33:0
ASN
#62370 Snel.com B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTg2NTM1OCwiaWF0IjoxNjY5ODU4MTU4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc204ZTlmMmowdWRjOGZsaDAwbHY1azYiLCJuYmYiOjE2Njk4NTgxNTgsInRzIjoxNjY5ODU4MTU4NjMyNzA4fQ.5u6SWnadbrTJWxLYf1e547nP4Dlw6bYOLSSKNYOzEJI&sid=9334fca0-7117-11ed-8fa9-096a5cd551b0 HTTP/1.1
Host: blog.afterlivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
Cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 01 Dec 2022 01:29:19 GMT
location: http://belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
server: nginx
set-cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0; path=/; domain=.afterlivre.com; expires=Tue, 19 Dec 2090 04:43:26 GMT; max-age=2147483647; HttpOnly

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 01:08:56 GMT
cache-control: public,max-age=3600
age: 1223
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97

3.208.247.235

200

1.1 kB

URL HTTP/1.1
belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
c15e02d93fe1eaaf83432cb8915a2f49
39d3bf7c3d52e2ed923cfed45602be6ebd6ba2b1
722878f6949e4bb0977dca5b6748aaf3e5d4a767411877196b01661c839f64a7

HTTP Headers

GET /zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97 HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://blog.afterlivre.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Thu, 01 Dec 2022 01:29:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: wNOJKVmy

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3441
Cache-Control: max-age=117293
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:29:19 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:04:12 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

belia-glp.com/zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

3.208.247.235

200

424 B

URL HTTP/1.1
belia-glp.com/zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
424 B (424 bytes)
Hash
897f1d4b20ccc2cc3e6f0517632c40ea
f5f1e3e63752e48aab73a3acf4d21d09e531265b
05b7da565bc26b62f22eacce7b1850ef3a7be891552e942c92b2fb48a471cf6e

HTTP Headers

GET /zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Thu, 01 Dec 2022 01:29:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: FOSoPsur

push.services.mozilla.com/

52.41.201.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.201.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hFdcUkZGKsmZLeuMMlc7Cg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /BcqOieR8hHB+tYyMCLpxRkR+S0=

belia-glp.com/favicon.ico

3.208.247.235

404

653 B

URL HTTP/1.1
belia-glp.com/favicon.ico
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Thu, 01 Dec 2022 01:29:19 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: VsRMuJdC

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
111bb1121c31ddc9763207834c898117
49c5098d8603faa9a3a1401c03cd2a7b17ec66f5
3deb6ec612870ce64be10c169cef834a0ef36eb04673da8eac92467799682f94

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 14:26:18 GMT
Expires: Mon, 05 Dec 2022 14:26:17 GMT
Etag: "49c5098d8603faa9a3a1401c03cd2a7b17ec66f5"
Cache-Control: max-age=391616,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77280d1b3d330b55-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f4b4a5081bf26d78883f4dd38c4c81a
6139c5deb23ecf4c32904b44f1565bc0703dfc01
cf3665dca408aacb5d0d9d48e8b3102e4220f1d8c9fb1210cec83b8fadb9b0ba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:29:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=

142.250.74.80

200 OK

1.4 kB

URL HTTP/2
storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=
IP
142.250.74.80:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
1.4 kB (1357 bytes)
Hash
54f99c9e98a5b4f17b219e94417e6d2f
80247746ede724755155d0aa8c0082c8b00542bf
c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634

HTTP Headers

GET /tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0= HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsmB5idnkFQomUwhpwuC35fJYQj2VhDCI1zKLITuiCDJ8A5Q07HGvImtXcTuP7aidHeWWJXcubzWjc8aqKw-vULzeceo9UK
expires: Thu, 01 Dec 2022 02:29:20 GMT
date: Thu, 01 Dec 2022 01:29:20 GMT
cache-control: public, max-age=3600
last-modified: Mon, 10 Jun 2019 16:09:51 GMT
etag: "54f99c9e98a5b4f17b219e94417e6d2f"
x-goog-generation: 1560182991115409
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1357
content-type: text/html
x-goog-hash: crc32c=+7k9hA==, md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1357
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1865e08ae4.smapp.work/api/v1/click/confirm.js?data=gAAAAABjiANwPQpr9Uk3spZUsLYSqRS7n2lU7yF92Tp54tE1z5B1tgqJilqM1pHvT86Ixad6jCo7aspvIKpV87RqC9b_P-UV-Ob1bwDDzwlw5qmhD8dyT7xYAYReu2-8ZOpaa8ShnPP60pgu7hByxOh8DscrKL_s8nCyjlgmKxgiCjyWRhoOwusmqgcZLPc1JvkPwN8c80NgbKZmvRUKVigyMxYfeWx9WlLUqL_XQ-piVL-TMcILrpcROlymXkQnHfB4KNuzk5cMc30tK6JSBTcweUgX5NP5XR4rV6xvChfgiFDTJptC2yrxIYdInOnA7Iq5mUTHYrv61ohQMPLR72VtDKwsljlsRJELZO95Svje_oYm5Q-qSqtooazOUSZv1kZiqKnOd5x-mw_Q5zUKfq9wuYqJxTP7mqFtKrh3UpUoCFirFqFQKLUbmPjOLU-mJzKwV7WpRxWXqZHpgnZtSh4xoXgO2_bJ99mdCJiZJyPp8NI4Do2viLxZ0yrfyh7njqGfghnDsz3RLCR3MURRTj_Jqfijr9akbhtlJVe1oDkZqYVbRpNTJXdxsDr78BfM8Rjupx82SIooCzehkA1VLcEnTEtv2emkQOFm80CE5XDSPsB52lrczkGj_z31J5X1FlbetwNzb5gqRDWhy4yGEQN-7RsUz8tk_NUxck8Mxb9fXnu7Zc3eUVvECl2hYOREb2OhYznCvQ61YSLkUjI9C5-DitPGHuxUyGoJXBkUR4FB7MgEtWj7xrjkqgVFifmUp0wlDUKebH64C-e3kMmUIGycYbez9agv4rg-Zetr5xYkPDWjbwxNCr7qxUZB86lOL0Kv4Q0BMW6bhN_TZPVkfrLFL-hQC21gLbrF4p67wnsoEb1wubNfUPbVSzjnmqwA3zXlbyzT3kp9moHHtklXIBz6fVs1cyNFkLFRIHH-whDmk5xdCMfsvmUxFQcfEm-eOJTPF-waRykbwZtZpJTPeeJiy4LDZ4c5R0ixntxw0D7PoQ7OJJ-BCGQD7RZGHMFMAaeqWC9LuLPHVLuKKwLfNDAScziCzY6Tj92_8OBlZeqJ5AqkwRKn2tUzoyYVBYXaFVY7mjofWWIEvVqCvGvv0oljvKtvK81-K5igzy8_OznEix6cBugm-q_Ree1ZLZyH0iNF9eaI4Tie66JeI5B9H-yd90JW5lhdjGrm0Ip44n9e6p77hjON2_dqPSv5fT2J2vvqTSF7S0uC5C8VZONGNblAyy7BaWnQWuoKjE-HbuUI8TaFVuDI6-oahQE397omJy3sqBjCWxpGI6Ur-WS2kVnq37xU_Bh4yYrUOHKfT-wYL_o52wmLro6YOEnAljUax2hSRnYqJG_76wjOcqEbUx_f2kVj6Z_MRkLFrdHypSRvfsx-gFgwJ1-YOd6q-JZHkTdUQBc3Do12tIT1llAodjSWVfJC5pIjJlKG8zijYiePtn189wEKExLJ71JpeSh4jd48NaietaZ3vbjdSa5LTLps9WZS7s4Nu8sTjfS8mXpHDCGwsJ0FrcMdzhahdqQl-8VYNbCGVBtk4vUGux-7QVLrl-b-dzag1ZKznzj9CFncmq5Xz4h7Pt0ojfQZXgTNaVyLlFp2bWCAxCX7N9CjOpCgd-PIevzGjQ06rkx9ndllbInOoK_GNJyxZ_rXuHeTgD4XfK8Ubm2pY_FNwfrSW20eLae3fKKgb4S-aWGlWqnkgiPO867DYaprisvmGTmyKDy4q5DX0bAgWiEPs0ds5WaXE9MZREktsvwDOYqj3VIiOTXymCo7H77dj-wcZ8clu4dWJNkBRq0LxQ9aSxsJaG-yLpJcfFC6olZPX2YqGuWvZ5IOmTzBVmcGr7Mwe4htZ4tFD7GeOZF2waoy7CihHce7pLFEwIhSvnSrhHEuIrNIMham5O_eMz7Ume_IrdwvYky3JxZb77jF6WtU-LU5QM9S62CeyqolMMAlhioTAGk25cwt-PxuWmat7_b27Hmq_FjTqjO82w3PeXt-KwN-P9EdtFOvQkGxweeHlkmC-heGKyYBQoGjpPyzn7-1wPYzoP1H2bRpd_AcslBC36-ZXnG7fsuGuY2xh-9uDtGmUlvrx_ZTnkqa7jMjyo3oDki1GIInnqut8ULcDU-soeF2MEETR4yx-oDiNSFXg5sYiJyb8YIaqvLPUDNV_Jzy2wuN2_w6lAWiNF1yR7z7wjwiNNSUoCtETBKRvPescIgPbKRpPkpGx_JN32p6DhHwgcpiVtv2uNvS6DZ13oy9yGtBZSRmecKQpEJ8YFNFo3cuA9A3wZclN8NvfA9N3kCCImD1NQoNCjoM5AGVHKDmq9jtcUIvEX_qBygXqRj_eNY9XMAQaC_yjNlt0np5gp3mYjef5ZwKb5zqrNqIAO0VQjEVGZQartK0QV20ZcGEfRBzVuXlVrn4RkKMMUyuJ4WXwUu3xgkdftxUPWUbTpsf0g_zBUMSLIKNjBZtSECmcLgmWEeYhtS764W0v1ltQVnkqyBzLy2jSu17H1JOsMeODNMHQ1ktjf0ry9QtWqXUN07gVaFPuTMfqSFZmnIBJeG8Ulo-xYgica2eyMwU

35.186.250.143

200 OK

0 B

URL HTTP/2
1865e08ae4.smapp.work/api/v1/click/confirm.js?data=gAAAAABjiANwPQpr9Uk3spZUsLYSqRS7n2lU7yF92Tp54tE1z5B1tgqJilqM1pHvT86Ixad6jCo7aspvIKpV87RqC9b_P-UV-Ob1bwDDzwlw5qmhD8dyT7xYAYReu2-8ZOpaa8ShnPP60pgu7hByxOh8DscrKL_s8nCyjlgmKxgiCjyWRhoOwusmqgcZLPc1JvkPwN8c80NgbKZmvRUKVigyMxYfeWx9WlLUqL_XQ-piVL-TMcILrpcROlymXkQnHfB4KNuzk5cMc30tK6JSBTcweUgX5NP5XR4rV6xvChfgiFDTJptC2yrxIYdInOnA7Iq5mUTHYrv61ohQMPLR72VtDKwsljlsRJELZO95Svje_oYm5Q-qSqtooazOUSZv1kZiqKnOd5x-mw_Q5zUKfq9wuYqJxTP7mqFtKrh3UpUoCFirFqFQKLUbmPjOLU-mJzKwV7WpRxWXqZHpgnZtSh4xoXgO2_bJ99mdCJiZJyPp8NI4Do2viLxZ0yrfyh7njqGfghnDsz3RLCR3MURRTj_Jqfijr9akbhtlJVe1oDkZqYVbRpNTJXdxsDr78BfM8Rjupx82SIooCzehkA1VLcEnTEtv2emkQOFm80CE5XDSPsB52lrczkGj_z31J5X1FlbetwNzb5gqRDWhy4yGEQN-7RsUz8tk_NUxck8Mxb9fXnu7Zc3eUVvECl2hYOREb2OhYznCvQ61YSLkUjI9C5-DitPGHuxUyGoJXBkUR4FB7MgEtWj7xrjkqgVFifmUp0wlDUKebH64C-e3kMmUIGycYbez9agv4rg-Zetr5xYkPDWjbwxNCr7qxUZB86lOL0Kv4Q0BMW6bhN_TZPVkfrLFL-hQC21gLbrF4p67wnsoEb1wubNfUPbVSzjnmqwA3zXlbyzT3kp9moHHtklXIBz6fVs1cyNFkLFRIHH-whDmk5xdCMfsvmUxFQcfEm-eOJTPF-waRykbwZtZpJTPeeJiy4LDZ4c5R0ixntxw0D7PoQ7OJJ-BCGQD7RZGHMFMAaeqWC9LuLPHVLuKKwLfNDAScziCzY6Tj92_8OBlZeqJ5AqkwRKn2tUzoyYVBYXaFVY7mjofWWIEvVqCvGvv0oljvKtvK81-K5igzy8_OznEix6cBugm-q_Ree1ZLZyH0iNF9eaI4Tie66JeI5B9H-yd90JW5lhdjGrm0Ip44n9e6p77hjON2_dqPSv5fT2J2vvqTSF7S0uC5C8VZONGNblAyy7BaWnQWuoKjE-HbuUI8TaFVuDI6-oahQE397omJy3sqBjCWxpGI6Ur-WS2kVnq37xU_Bh4yYrUOHKfT-wYL_o52wmLro6YOEnAljUax2hSRnYqJG_76wjOcqEbUx_f2kVj6Z_MRkLFrdHypSRvfsx-gFgwJ1-YOd6q-JZHkTdUQBc3Do12tIT1llAodjSWVfJC5pIjJlKG8zijYiePtn189wEKExLJ71JpeSh4jd48NaietaZ3vbjdSa5LTLps9WZS7s4Nu8sTjfS8mXpHDCGwsJ0FrcMdzhahdqQl-8VYNbCGVBtk4vUGux-7QVLrl-b-dzag1ZKznzj9CFncmq5Xz4h7Pt0ojfQZXgTNaVyLlFp2bWCAxCX7N9CjOpCgd-PIevzGjQ06rkx9ndllbInOoK_GNJyxZ_rXuHeTgD4XfK8Ubm2pY_FNwfrSW20eLae3fKKgb4S-aWGlWqnkgiPO867DYaprisvmGTmyKDy4q5DX0bAgWiEPs0ds5WaXE9MZREktsvwDOYqj3VIiOTXymCo7H77dj-wcZ8clu4dWJNkBRq0LxQ9aSxsJaG-yLpJcfFC6olZPX2YqGuWvZ5IOmTzBVmcGr7Mwe4htZ4tFD7GeOZF2waoy7CihHce7pLFEwIhSvnSrhHEuIrNIMham5O_eMz7Ume_IrdwvYky3JxZb77jF6WtU-LU5QM9S62CeyqolMMAlhioTAGk25cwt-PxuWmat7_b27Hmq_FjTqjO82w3PeXt-KwN-P9EdtFOvQkGxweeHlkmC-heGKyYBQoGjpPyzn7-1wPYzoP1H2bRpd_AcslBC36-ZXnG7fsuGuY2xh-9uDtGmUlvrx_ZTnkqa7jMjyo3oDki1GIInnqut8ULcDU-soeF2MEETR4yx-oDiNSFXg5sYiJyb8YIaqvLPUDNV_Jzy2wuN2_w6lAWiNF1yR7z7wjwiNNSUoCtETBKRvPescIgPbKRpPkpGx_JN32p6DhHwgcpiVtv2uNvS6DZ13oy9yGtBZSRmecKQpEJ8YFNFo3cuA9A3wZclN8NvfA9N3kCCImD1NQoNCjoM5AGVHKDmq9jtcUIvEX_qBygXqRj_eNY9XMAQaC_yjNlt0np5gp3mYjef5ZwKb5zqrNqIAO0VQjEVGZQartK0QV20ZcGEfRBzVuXlVrn4RkKMMUyuJ4WXwUu3xgkdftxUPWUbTpsf0g_zBUMSLIKNjBZtSECmcLgmWEeYhtS764W0v1ltQVnkqyBzLy2jSu17H1JOsMeODNMHQ1ktjf0ry9QtWqXUN07gVaFPuTMfqSFZmnIBJeG8Ulo-xYgica2eyMwU
IP
35.186.250.143:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/click/confirm.js?data=gAAAAABjiANwPQpr9Uk3spZUsLYSqRS7n2lU7yF92Tp54tE1z5B1tgqJilqM1pHvT86Ixad6jCo7aspvIKpV87RqC9b_P-UV-Ob1bwDDzwlw5qmhD8dyT7xYAYReu2-8ZOpaa8ShnPP60pgu7hByxOh8DscrKL_s8nCyjlgmKxgiCjyWRhoOwusmqgcZLPc1JvkPwN8c80NgbKZmvRUKVigyMxYfeWx9WlLUqL_XQ-piVL-TMcILrpcROlymXkQnHfB4KNuzk5cMc30tK6JSBTcweUgX5NP5XR4rV6xvChfgiFDTJptC2yrxIYdInOnA7Iq5mUTHYrv61ohQMPLR72VtDKwsljlsRJELZO95Svje_oYm5Q-qSqtooazOUSZv1kZiqKnOd5x-mw_Q5zUKfq9wuYqJxTP7mqFtKrh3UpUoCFirFqFQKLUbmPjOLU-mJzKwV7WpRxWXqZHpgnZtSh4xoXgO2_bJ99mdCJiZJyPp8NI4Do2viLxZ0yrfyh7njqGfghnDsz3RLCR3MURRTj_Jqfijr9akbhtlJVe1oDkZqYVbRpNTJXdxsDr78BfM8Rjupx82SIooCzehkA1VLcEnTEtv2emkQOFm80CE5XDSPsB52lrczkGj_z31J5X1FlbetwNzb5gqRDWhy4yGEQN-7RsUz8tk_NUxck8Mxb9fXnu7Zc3eUVvECl2hYOREb2OhYznCvQ61YSLkUjI9C5-DitPGHuxUyGoJXBkUR4FB7MgEtWj7xrjkqgVFifmUp0wlDUKebH64C-e3kMmUIGycYbez9agv4rg-Zetr5xYkPDWjbwxNCr7qxUZB86lOL0Kv4Q0BMW6bhN_TZPVkfrLFL-hQC21gLbrF4p67wnsoEb1wubNfUPbVSzjnmqwA3zXlbyzT3kp9moHHtklXIBz6fVs1cyNFkLFRIHH-whDmk5xdCMfsvmUxFQcfEm-eOJTPF-waRykbwZtZpJTPeeJiy4LDZ4c5R0ixntxw0D7PoQ7OJJ-BCGQD7RZGHMFMAaeqWC9LuLPHVLuKKwLfNDAScziCzY6Tj92_8OBlZeqJ5AqkwRKn2tUzoyYVBYXaFVY7mjofWWIEvVqCvGvv0oljvKtvK81-K5igzy8_OznEix6cBugm-q_Ree1ZLZyH0iNF9eaI4Tie66JeI5B9H-yd90JW5lhdjGrm0Ip44n9e6p77hjON2_dqPSv5fT2J2vvqTSF7S0uC5C8VZONGNblAyy7BaWnQWuoKjE-HbuUI8TaFVuDI6-oahQE397omJy3sqBjCWxpGI6Ur-WS2kVnq37xU_Bh4yYrUOHKfT-wYL_o52wmLro6YOEnAljUax2hSRnYqJG_76wjOcqEbUx_f2kVj6Z_MRkLFrdHypSRvfsx-gFgwJ1-YOd6q-JZHkTdUQBc3Do12tIT1llAodjSWVfJC5pIjJlKG8zijYiePtn189wEKExLJ71JpeSh4jd48NaietaZ3vbjdSa5LTLps9WZS7s4Nu8sTjfS8mXpHDCGwsJ0FrcMdzhahdqQl-8VYNbCGVBtk4vUGux-7QVLrl-b-dzag1ZKznzj9CFncmq5Xz4h7Pt0ojfQZXgTNaVyLlFp2bWCAxCX7N9CjOpCgd-PIevzGjQ06rkx9ndllbInOoK_GNJyxZ_rXuHeTgD4XfK8Ubm2pY_FNwfrSW20eLae3fKKgb4S-aWGlWqnkgiPO867DYaprisvmGTmyKDy4q5DX0bAgWiEPs0ds5WaXE9MZREktsvwDOYqj3VIiOTXymCo7H77dj-wcZ8clu4dWJNkBRq0LxQ9aSxsJaG-yLpJcfFC6olZPX2YqGuWvZ5IOmTzBVmcGr7Mwe4htZ4tFD7GeOZF2waoy7CihHce7pLFEwIhSvnSrhHEuIrNIMham5O_eMz7Ume_IrdwvYky3JxZb77jF6WtU-LU5QM9S62CeyqolMMAlhioTAGk25cwt-PxuWmat7_b27Hmq_FjTqjO82w3PeXt-KwN-P9EdtFOvQkGxweeHlkmC-heGKyYBQoGjpPyzn7-1wPYzoP1H2bRpd_AcslBC36-ZXnG7fsuGuY2xh-9uDtGmUlvrx_ZTnkqa7jMjyo3oDki1GIInnqut8ULcDU-soeF2MEETR4yx-oDiNSFXg5sYiJyb8YIaqvLPUDNV_Jzy2wuN2_w6lAWiNF1yR7z7wjwiNNSUoCtETBKRvPescIgPbKRpPkpGx_JN32p6DhHwgcpiVtv2uNvS6DZ13oy9yGtBZSRmecKQpEJ8YFNFo3cuA9A3wZclN8NvfA9N3kCCImD1NQoNCjoM5AGVHKDmq9jtcUIvEX_qBygXqRj_eNY9XMAQaC_yjNlt0np5gp3mYjef5ZwKb5zqrNqIAO0VQjEVGZQartK0QV20ZcGEfRBzVuXlVrn4RkKMMUyuJ4WXwUu3xgkdftxUPWUbTpsf0g_zBUMSLIKNjBZtSECmcLgmWEeYhtS764W0v1ltQVnkqyBzLy2jSu17H1JOsMeODNMHQ1ktjf0ry9QtWqXUN07gVaFPuTMfqSFZmnIBJeG8Ulo-xYgica2eyMwU HTTP/1.1
Host: 1865e08ae4.smapp.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23
Cookie: cx_ntsl_i=b8c43486-f383-4d52-aa6e-30ba6e7d22bb; instal-cookie="2|1:0|10:1669858160|13:instal-cookie|124:eyIzMjQ0NjgwIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=|b7a8cc8f6e7fd5a492b1991559b854d8f758bb7cba6af81d8738d6db6a7f0893"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: TornadoServer/5.1.1
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c16b5b01c5d88cecc4d695a55edd5ae
aa12b1797db6ce281c0382c08f70794a642ddc49
5aa48a0df3bb018f1778ad6ee1e34491e9f980372bde1f51248b0838e6696286

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:29:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bc8cce3fb281e6ddd43860c16c333d24
56d3518e791bd748a7d3759fc539b85bd370bdb0
6998c00e0db48f7b49e870ebf334045fc3d6fc34809c16e82e81ab74a2879335

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166803
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:29:20 GMT
Etag: "6387ec03-117"
Expires: Fri, 02 Dec 2022 23:49:23 GMT
Last-Modified: Wed, 30 Nov 2022 23:49:23 GMT
Server: nginx
Content-Length: 279

findyourhalf.top/assets/032bcaf74c0de2c93c8e.jpg

104.26.14.100

200 OK

34 kB

URL HTTP/2
findyourhalf.top/assets/032bcaf74c0de2c93c8e.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x390, components 3\012- data
Size
34 kB (33612 bytes)
Hash
e38526805379a23a1bcfefabf38befa2
afe5306e0df615f7238ad8fe41b33ecd38c10fd7
999863c911c86160c1f2721524580942426d157547b36985f643aeea0dab4aa1

HTTP Headers

GET /assets/032bcaf74c0de2c93c8e.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 33612
cf-bgj: h2pri
etag: "63875a03-834c"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JxBANMvw%2F%2B%2BK%2BiIsMSt8k%2F%2FBgZ3upbxkRp7k8%2BB%2FlO62h9x2kknHQdxRgdcZvgmrlB0hQAg4YG%2Boqnaq5lJfRvcx1JtoifKyFVHb4Gs%2Fg%2BUyM7yB%2BWuP%2BvM8Clk%2BgGVSUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580e1c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/2c7be58264048611fef5.png

104.26.14.100

200 OK

1.6 kB

URL HTTP/2
findyourhalf.top/assets/2c7be58264048611fef5.png
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 98, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1574 bytes)
Hash
214628994adff396733825e7b9778ad8
cfcdb02dd750c2c56ce0df960f032865d0315d24
072083cb6a8af8fdfad3087d4aafe1fbb1ef96c4863dc53d9f1483ce83937dfb

HTTP Headers

GET /assets/2c7be58264048611fef5.png HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/png
content-length: 1574
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: "63875a03-626"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HyEf6I49CnV0mEw8sgbWMXhaoLmnaJrzmztBj9ERj11oJof7FpppkDB7KMzKXtYQbprM%2F8mhCm9GTet8Z6%2BZsSg7ngnj%2FVSJRTTRPTu6%2FDEehereMiP0srJGAH%2BrZU94QQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158101c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/47ae6a5ba10cda2c9e0b.jpg

104.26.14.100

200 OK

21 kB

URL HTTP/2
findyourhalf.top/assets/47ae6a5ba10cda2c9e0b.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Size
21 kB (20958 bytes)
Hash
56b1d087e07bfce17502f3d15a29599d
1a3fdece929142b64a427a813298a4278f9c9a3b
06bda10f4f886bd1dc58e72919dce1d5ef8395a9103cc719c333088ae7cf6677

HTTP Headers

GET /assets/47ae6a5ba10cda2c9e0b.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 20958
cf-bgj: h2pri
etag: "63875a03-51de"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atV5rbKlkQXnU5AQpLQapYACylWOY4fd8nyttNYmyiUJhO0TuWLByXaypBa5X3EJad3ZKDTSEnxoeUv%2B9FFFqvSI4CMap%2BuV97BBuAeATVpQeaT4k5qG9LI2ZEGiCDFge48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158151c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/06c49b18302a6f35f315.jpg

104.26.14.100

200 OK

21 kB

URL HTTP/2
findyourhalf.top/assets/06c49b18302a6f35f315.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x375, components 3\012- data
Size
21 kB (20712 bytes)
Hash
0d0464ad4924d5189707d2508a818e37
d40c4e3dcaeaaae3eb66d3ca096f8569c4605e21
d8b8c213ff1fcd97e0cbb4ec056712bfed39405c65a20135135328b5ad1104af

HTTP Headers

GET /assets/06c49b18302a6f35f315.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 20712
cf-bgj: h2pri
etag: "63875a03-50e8"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkEbX6lev%2FFi26ZSboc6MXffwIf8wK6%2B26J%2F5VZoDQEIOuJPqjMEeeA1VBjirgFnDsk5D1tazIU46jsqrRMPw1IAqZFwuCBnxbCpvj1h4WiTEUFpGmK4RLYMFiRgbGg0Dak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158141c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/d4df7c721715d3197d35.jpg

104.26.14.100

200 OK

34 kB

URL HTTP/2
findyourhalf.top/assets/d4df7c721715d3197d35.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x499, components 3\012- data
Size
34 kB (33816 bytes)
Hash
785457fd7f81715119251bcf4c1a8f56
66cbede5b601e6d0857441c939e9798493e812c2
32bfa591e8f2fb193889b21a3ec397e4029a5eeb22b4f1a718b056978013580c

HTTP Headers

GET /assets/d4df7c721715d3197d35.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 33816
cf-bgj: h2pri
etag: "63875a03-8418"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcvtKiCtLDHeoigwYo8sIKDHHyMYCoVI30rKOB8Pz%2BQbc0dTVfRjBd%2B5RQn2oqDte1Z17dnu4HPDqDObBtCEleHe9KL%2FxicFIy5v8ZtMMbQqExhr8%2BFzwF1esxaeymw12DE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158121c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/848c59c46246f7f3cae9.jpg

104.26.14.100

200 OK

12 kB

URL HTTP/2
findyourhalf.top/assets/848c59c46246f7f3cae9.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 360x241, components 3\012- data
Size
12 kB (12409 bytes)
Hash
147a131b97e24b606548d78e8fa56e63
b746629c163d2cc3f3ac1d81b9bed35e682e85fc
10e26b8306c1bc3958e6b243fa4dd0aae70c197f460a9eec192dff846ba8aeaa

HTTP Headers

GET /assets/848c59c46246f7f3cae9.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 12409
cf-bgj: h2pri
etag: "63875a03-3079"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCWSO5l7S7I1eNkgCE%2FYAJtJyYzIw1HUBsK%2BYPpUn3Po1OARfyFyZF1nTc%2F8vUJwO0mKFjd53Jk7Vuq5JdgTJQjyCxzbAbSpdy1EHXhTSuVZ3Zsi8L4Kjor7wbOtchhmzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168161c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/1418d3d54dbb9471fdf4.jpg

104.26.14.100

200 OK

55 kB

URL HTTP/2
findyourhalf.top/assets/1418d3d54dbb9471fdf4.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 554x414, components 3\012- data
Size
55 kB (54789 bytes)
Hash
6d4697c58b5ca314ed5e18bd8ca6b9ce
2a6e9b8a93d359dd492fb3cfbb2bd768c28aa6cb
7d38705aa944831049bd714c99d3912f3528c27c5bbdac5bbd6fdcabef869bfa

HTTP Headers

GET /assets/1418d3d54dbb9471fdf4.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 54789
cf-bgj: h2pri
etag: "63875a03-d605"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wb9N%2F03ZV9xM5GTv5pmmOCvxVM%2FpBbEcbyCR7HLXHun6%2FuV632gZsM6Ponu2D5ItnMSdotmFgNyA6oHULqR1Lm8gCOznCEQ94X%2BMXcUeiU0Pn%2FT242JUptuHOg%2FutZSWoJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168171c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/0e8214b6a04a80b2ed65.jpg

104.26.14.100

200 OK

118 kB

URL HTTP/2
findyourhalf.top/assets/0e8214b6a04a80b2ed65.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 507 x 500, 8-bit colormap, non-interlaced\012- data
Size
118 kB (118495 bytes)
Hash
fafd80f19f1c7b5806ec7f6935872cb4
d8c6a473659ac0ba5472bcdfa4b7dab91470ed07
e65ad8065b9444d3881bb4d2fdd160f90f1babeb7a0f712f288a77aeef18ad87

HTTP Headers

GET /assets/0e8214b6a04a80b2ed65.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 118495
cf-bgj: h2pri
etag: "63875a03-1cedf"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MM%2FUAT2v8F7NWrTujPho0hmQwbDvqUe%2FL4X0F3YnQN6ZJOwZ7DidJflkrdl3r78wcNu02Onl0R9kiLy3VrXx5vyWsFQNxi9V406xk0w6QCnrKbAMOrB9TXnsYytzjQwIv5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168181c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/assets/56d040d1d8bf3bf21d63.jpg

104.26.14.100

200 OK

55 kB

URL HTTP/2
findyourhalf.top/assets/56d040d1d8bf3bf21d63.jpg
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x620, components 3\012- data
Size
55 kB (55200 bytes)
Hash
9ddc7b6cb356a6d2e99eed41cc1734de
e1da98ccc6c5198d528384dcf0796de766475488
b80543c059b42b12ff905047b8a8f5d6f4b676febb7edc65aa602e64248dd837

HTTP Headers

GET /assets/56d040d1d8bf3bf21d63.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: image/jpeg
content-length: 55200
cf-bgj: h2pri
etag: "63875a03-d7a0"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7FHqZYKZtNbQKQun9Tn4AMM8%2BCjVMVNGYMOwMdvqgKSWVvHCf80yufeHyI2kkGiN3UjFqj%2FTztVzs5Xv%2FIuiVzRQMlPTVUhVZVB0Ae9zEBqYTZ6cno3fvmLbdT34KRHrKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21681c1c16-OSL
X-Firefox-Spdy: h2

findyourhalf.top/js/_global-config-sd.33011211.js

104.26.14.100

200 OK

53 kB

URL HTTP/2
findyourhalf.top/js/_global-config-sd.33011211.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (365), with no line terminators
Size
53 kB (52790 bytes)
Hash
520eaa068cdb9b6f72789e9e987be6c8
a7affed624960476b09e6c0477b7786d2995181f
1e57c4b5fb32d362ea41ba2c2af94e2973d4f63f8aabc8b378878beefab118f1

HTTP Headers

GET /js/_global-config-sd.33011211.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-16d"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfeUzZCOhJGMT3f6tX486NFfG3eBdD4ipZmwPB3tlntEaTdGE6Gn2PNZMTg%2FYGWe0Cl5nPQEr0jmSH5VLUk7AGFniAk8EhDbO5WGHGwJcBny3JzwGo8hNgKnT%2BPCacchYDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158041c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
111bb1121c31ddc9763207834c898117
49c5098d8603faa9a3a1401c03cd2a7b17ec66f5
3deb6ec612870ce64be10c169cef834a0ef36eb04673da8eac92467799682f94

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 01:29:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 14:26:18 GMT
Expires: Mon, 05 Dec 2022 14:26:17 GMT
Etag: "49c5098d8603faa9a3a1401c03cd2a7b17ec66f5"
Cache-Control: max-age=391616,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77280d1dbdea0b55-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8744b420a10a2cf35bc5877b2dff9302
bf5ad501ac3e36bbed35695b59eced04d380b596
455bda3629e55c1730a67d5d82c68e4001f78f8019a755178225624e16076e80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "455BDA3629E55C1730A67D5D82C68E4001F78F8019A755178225624E16076E80"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3900
Expires: Thu, 01 Dec 2022 02:34:21 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7957 bytes)
Hash
37004182402c955f288eb1fa8df7aef4
01a07f9a5725f608fafeced7b3d1ebdbcb776c29
c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7957
x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PGgNIAMF2Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5et72pBhP9fdm4fNy6V5AJjs7B5N3HUGgaToNJV3LbA59D-0QDAMvw==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:31:51 GMT
age: 79050
etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7609 bytes)
Hash
0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 1a464872-7c15-42d3-a12a-f344adf99662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PHVUoAMFf4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-3f77f387752222b212d6e2a5;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XUcf5sxPRTQEOS_HWPDW5ioStuq1TPMKvKQSRi2kZI5TbTWEVKFfog==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:42:48 GMT
age: 78393
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10437 bytes)
Hash
291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 12030
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2382 bytes)
Hash
f5469e846da1e0f21cfc480f56a656a6
b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2382
x-amzn-requestid: 7279ff68-1e32-4c57-9b9d-f5803a19e8e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJYQuEmEIAMFkeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806d9e-2cf28dc150b53b9f3c60bb4c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:24:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UaUyc03Gw0P7G_7gjAyp-c3XxjIDbllO7lmG_8UWVCuBP4WgEgSydQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:26:41 GMT
age: 39760
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6036 bytes)
Hash
83e8a8c500dbcb636ad4a57a10de8adf
4593bb86a0a61eccab43063cb3c0c797abea5b46
fd9bc5cfa9db9999ceba780a3c801663ae3a9d115fc968f633800da2a680d49c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: ad1d9f29-4a4b-4b5f-b29f-d2e5849b5c1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMQGoSoAMFUnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe7-40e8de13537ad17b3b28e1c1;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7EqSYILMuuXaZkdkEPxROiSw3HU1zfjqpXDU4TqBGLdNSWyj4Ioezw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:46:29 GMT
age: 13372
etag: "4593bb86a0a61eccab43063cb3c0c797abea5b46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
3f4c603a0dccdc07e2efc3ffaef41157
7f4173c0c3ad275338cc42a71669c5470f3d5de1
e2589a50d73b73633cdfe9e6b6deca8d938f131a2d1475f0b3a57860927a5a05

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://findyourhalf.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fef155038bf9490c9d567967d7250d70; expires=Fri, 01 Dec 2023 01:29:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5295 bytes)
Hash
eb4b8985f697c1ff7753d3961fb4f67d
b412d62d44993500b947a38e8e242d0c6d6b7588
571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:17:18 GMT
age: 11523
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e2bbb16daf0066fd0e4fb1ad6b36aaa7
ee9b7c25b368da7bc78a1628d3b7f94b34871c2f
b1a63ddf2500dcc3151c6c58d29b3d124d6e21daf0864df70cd7ab7d25171f4a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1A63DDF2500DCC3151C6C58D29B3D124D6E21DAF0864DF70CD7AB7D25171F4A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13440
Expires: Thu, 01 Dec 2022 05:13:21 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

itcleffaom.com/track?offer_id=2061&z=4655142&request_var=6100_8532&variable2=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab

139.45.197.237

200 OK

148 B

URL HTTP/2
itcleffaom.com/track?offer_id=2061&z=4655142&request_var=6100_8532&variable2=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
148 B (148 bytes)
Hash
673cfa6261713c037f5e6d0d8cebc7e5
3fa4ef98e3409901f9d51f1bd651a130506aed6b
546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /track?offer_id=2061&z=4655142&request_var=6100_8532&variable2=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: application/json
content-length: 148
x-trace-id: 5c9cd1c57954ad33c2eef1e13edaba96
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4db6adb68d974d4a5343eda081abb131
542d171f9aefecdd8b6b4eb8070f4a063ee90a62
5822f506962c5b9c376cd4da49a074f37740776b4871bb6745c4453c359e27f3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5822F506962C5B9C376CD4DA49A074F37740776B4871BB6745C4453C359E27F3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3424
Expires: Thu, 01 Dec 2022 02:26:25 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

itcleffaom.com/rotate?zz=5473379;5473399;5473396;5473423;5473382;5473432;5473425;5473415&var=4655142&ymid=6100_8532&uid=fef155038bf9490c9d567967d7250d70

139.45.197.237

200 OK

6.9 kB

URL HTTP/2
itcleffaom.com/rotate?zz=5473379;5473399;5473396;5473423;5473382;5473432;5473425;5473415&var=4655142&ymid=6100_8532&uid=fef155038bf9490c9d567967d7250d70
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
6.9 kB (6937 bytes)
Hash
ff573f54d7cc8a7c6f6d4216b926b765
8be65c2fc7ec3b9920de7506935ca76fdd6bdd4b
4bf0e887125120b044454669455e278ad6f9272d283dd883685b38a88e820e52

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /rotate?zz=5473379;5473399;5473396;5473423;5473382;5473432;5473425;5473415&var=4655142&ymid=6100_8532&uid=fef155038bf9490c9d567967d7250d70 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: application/javascript
x-trace-id: 8ea89f32dd9694563da0f747d9e29f42
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://findyourhalf.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=fef155038bf9490c9d567967d7250d70; expires=Fri, 01 Dec 2023 01:29:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

findyourhalf.top/img/fav/heart-16.png

104.26.14.100

200 OK

670 B

URL HTTP/2
findyourhalf.top/img/fav/heart-16.png
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
670 B (670 bytes)
Hash
161113cd0cedcbb5a4a76ef87c00b0ea
ec807c2867bd4ff3c3aef6ff966ae1648832591b
df545a40f6092920cf46af4e124e550273bc0b9aaec5f137f3d03ba91aa02274

HTTP Headers

GET /img/fav/heart-16.png HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: image/png
content-length: 670
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: "63875a03-29e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NxA0T76uGSeMQ5sY3DMD8kmGlToXozbr%2B2N3LEL7Wl9QKcoV1fbC0POTbTR%2B9oscBJ4I0WwjYRgiOevOeOfpvUN%2Fbe1it0jDF6fQo9oiTTSMgIC9AVC0T6unAUzFSzdOuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d262a071c16-OSL
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

5.6 kB

URL HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12932), with no line terminators
Size
5.6 kB (5561 bytes)
Hash
19e728dfa50d69558170e5034c2d792e
d9d10487cec4ec5a593316402607e68217728dbe
b05c252e40b9a019b9bde8e013387d00eb8d1c92a10beafca50daa97a022827a

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGCd%2FMC2kGkMdu0srg14g1LqzhrDuGuYNqzPJXb21lRrixMopS6B25K0Ak3EioE%2BtEjVIsQu5bmglmLyMow9kvyMLcrVvnk7f%2BpK%2BNKliji%2FuUzRIkuzIldo%2Bxgp%2BruiTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77280d2619110b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

151.101.194.133

200 OK

937 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
151.101.194.133:0
ASN
#54113 FASTLY

File type
data
Size
937 B (937 bytes)
Hash
cc7d893ac0f9474e9e5674435396f0c6
8eb1de4a6229a19a55537a226edfe520b545772d
9c8ed86831e22b24acff472b1045ad5596aec8ea01595a0a8b536d586fc04cda

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 937
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 05 Dec 2022 00:50:10 GMT
ETag: "8eb1de4a6229a19a55537a226edfe520b545772d"
Last-Modified: Thu, 01 Dec 2022 00:50:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 01 Dec 2022 01:29:21 GMT
Age: 2350
X-Served-By: cache-qpg1244-QPG, cache-bma1660-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 10, 17
X-Timer: S1669858162.735543,VS0,VE0

mc.yandex.ru/metrika/tag.js

93.158.134.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size
73 kB (73267 bytes)
Hash
1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73267
date: Thu, 01 Dec 2022 01:29:21 GMT
access-control-allow-origin: *
etag: "63875d46-11e33"
expires: Thu, 01 Dec 2022 02:29:21 GMT
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e%3Acdc419073d485f613f24358e7f7a71c98c4977ab&utm_campaign=6100_8532&utm_medium=4655142&utm_content=zd_public_v2

104.26.14.100

200 OK

3.1 kB

URL HTTP/2
findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e%3Acdc419073d485f613f24358e7f7a71c98c4977ab&utm_campaign=6100_8532&utm_medium=4655142&utm_content=zd_public_v2
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.1 kB (3102 bytes)
Hash
77e9522e7e4a821ca9571a02f62fbfba
f20095a4ed358e652eb314996a66d80f5612a60d
a458eeb0cf6bee0cb7bbba1c7e0dabb98ce6e34391944a46fd45890b2abfdb6e

HTTP Headers

GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e%3Acdc419073d485f613f24358e7f7a71c98c4977ab&utm_campaign=6100_8532&utm_medium=4655142&utm_content=zd_public_v2 HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: text/html
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSuuihKH7N2ns2lOILJiCI9YNX5cRH%2BLx9xI5KACl3%2FWddIJDN55Y%2BVfn4EELAmzzSa72x6Nmy7K8WiubkHKeJejtVlfPLPfccyeC3XTyq9pz8bZRoRaOeQ5ODKFzA5SwXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d22386a1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/rtc.08b364bc.js

104.26.14.100

200 OK

4.5 kB

URL HTTP/2
findyourhalf.top/js/rtc.08b364bc.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10708), with no line terminators
Size
4.5 kB (4458 bytes)
Hash
aa921b30e238a0f7a2cfa25d6626800f
3704a14752e12e7d0695b06afc130b9856f7ed3e
50d12ff08074ec572e1ecb5c6d3cdb4493e4f0f57a26a5d032d743452ee27316

HTTP Headers

GET /js/rtc.08b364bc.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-29d4"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA0rB24Llm4oPDcunT2sYbIT2Agzyta0obnCYJ4mu6K%2B4FsyDx5KVR4pInULMA8HQ4CIqlgaBC0AIpwK0IcilOBPKEla3NQWj8t7rWFQYv7srlqvzUrmelR0Ya8E83vT5fM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158061c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: *
etag: "63875d46-2b"
expires: Thu, 01 Dec 2022 02:29:22 GMT
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A958949102%3Arqn%3A1%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C82%2C1%2C%2C0%2C%2C133%2C1%2C%2C%2C%2C305%3Ans%3A1669858159635%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

302 Found

400 B

URL HTTP/2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A958949102%3Arqn%3A1%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C82%2C1%2C%2C0%2C%2C133%2C1%2C%2C%2C%2C305%3Ans%3A1669858159635%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
96e47476a8656d2e6bb3434e505d4e35
aed0edd019efcdd9257405f28cf0c7aa4a8c554c
f899cccb8585239b864c7084671007c5806e9910334cc7ff25789791c4729eca

HTTP Headers

GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A958949102%3Arqn%3A1%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C82%2C1%2C%2C0%2C%2C133%2C1%2C%2C%2C%2C305%3Ans%3A1669858159635%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A958949102%3Arqn%3A1%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C82%2C1%2C%2C0%2C%2C133%2C1%2C%2C%2C%2C305%3Ans%3A1669858159635%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
set-cookie: yandexuid=8331469991669858162; Expires=Fri, 01-Dec-2023 01:29:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8331469991669858162; Expires=Fri, 01-Dec-2023 01:29:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=724658881669858162; Path=/; SameSite=None; Secure
i=52B+rzR3+7pjiUNv9850BgE3YBgCpqlfSYuqsETKHCqXb5IJHijjegOX710pWK0YVbjGfaImISqdsvAVCrZUdfa57Hg=; Expires=Sun, 28-Nov-2032 01:29:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701394162.yc.1669858162#1701394162.yrts.1669858162#1701394162.yrtsi.1669858162; Expires=Fri, 01-Dec-2023 01:29:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A598566788%3Arqn%3A2%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1041%2C1041%2C1%2C%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A598566788%3Arqn%3A2%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1041%2C1041%2C1%2C%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A598566788%3Arqn%3A2%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1041%2C1041%2C1%2C%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 78
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

findyourhalf.top/js/v-utils.js.10c42cc1.js

104.26.14.100

200 OK

4.4 kB

URL HTTP/2
findyourhalf.top/js/v-utils.js.10c42cc1.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (8631), with no line terminators
Size
4.4 kB (4436 bytes)
Hash
a639b77961da54c41c3edc912a7203ec
1d828d362f8a62954e9994ab743fe84329c02cf0
152561dfd35b1bbf66d709f138cbe1a595ee5a0fe6514de41f0a7dbe856879ec

HTTP Headers

GET /js/v-utils.js.10c42cc1.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=8634
etag: W/"63875a03-21ba"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUG1H3A3exsjGD4lgO9qwvauSdVFVf1OrmBM7HLFBNvMWm7gT4j97hmKO9x0CNIMmTRE1pOCeOCyGg1POoMr3evLbPIRcRUuaJvze8j32qTVOzMJygbHukP3bn0TwuKe3FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158081c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A315254435%3Arqn%3A5%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A315254435%3Arqn%3A5%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A315254435%3Arqn%3A5%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonStepChange&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A158386130%3Arqn%3A4%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonStepChange&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A158386130%3Arqn%3A4%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonStepChange&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A158386130%3Arqn%3A4%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A983252634%3Arqn%3A6%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A983252634%3Arqn%3A6%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A983252634%3Arqn%3A6%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrackImpression&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A26116150%3Arqn%3A7%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrackImpression&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A26116150%3Arqn%3A7%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrackImpression&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A26116150%3Arqn%3A7%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 199
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A609740988%3Arqn%3A10%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A609740988%3Arqn%3A10%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A609740988%3Arqn%3A10%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A838266063%3Arqn%3A8%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A838266063%3Arqn%3A8%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A838266063%3Arqn%3A8%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A491433084%3Arqn%3A9%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A491433084%3Arqn%3A9%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A491433084%3Arqn%3A9%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 384
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
996ac34fffcba33969ef576529faad5a
fa7b11e27336cbaf889d24d7c1bf32bc9f527ad0
8659991e2635191054954d969fa1fb253e6cd8363ca6274ce05348b908ef3dfc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8659991E2635191054954D969FA1FB253E6CD8363CA6274CE05348B908EF3DFC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6336
Expires: Thu, 01 Dec 2022 03:15:03 GMT
Date: Thu, 01 Dec 2022 01:29:27 GMT
Connection: keep-alive

findyourhalf.top/js/config/dict/cookie-consent-1.json?v=10

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/config/dict/cookie-consent-1.json?v=10
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: application/json
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: W/"63875a03-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0BSBFj1CtRlv%2B1nLeH9I0F5fzX6ometP5ruVMWqd%2B63J%2Fwzo%2FH5wI05JyUOtqfkHVlfUGHKmabvkvMTTeo8NuGNbmTsJZOitSiv0A049mZlEO9d199%2B0hH7fkW6z5Axmqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d22386f1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/v-index.js.2c18e767.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/v-index.js.2c18e767.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/v-index.js.2c18e767.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-923e"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoEfJFisiizHaefoYELzHi5Uhsd4LTeKMFJP7VdzqGm6dKvu%2Fs57lQ%2B2Ic4RGCETxRImIfBiPKDBCrggeCGLDYJQjQwMF0CdkJ79Mi0OPSv0bxi%2Bg%2BRSxjgiTwWDE9ZQMkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158071c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/css/survey-dating.42775b4d.css

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/css/survey-dating.42775b4d.css
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/survey-dating.42775b4d.css HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9365
etag: W/"63875a03-2495"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KF23hrUGlpG%2FDwppbp0rIKc59y4SRgD3KcPz94Ooe4hWu3PIOaU7Nc6%2BEgBd3fXllymt2pMaUhP%2BYE1eNC6bn6qYSQ%2Bo6HwFY8eKYBL90sdWwz7pIkBsZ8FwcKqkc5eCmJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580d1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/survey-dating.bf46a302.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/survey-dating.bf46a302.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/survey-dating.bf46a302.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-476"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5xKIw7TxvXhYjxVzUAp%2FOB00zbGZzaV%2FHRSAEKOhtI79ru1m8jyiFpN%2F7QD4X8KfOEN9%2BnaZ%2FHBzZRvmaZxKPQdY6Sn3qaOJOhV7vT4D5bm9SmQdecd1klN947MgytxWso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168241c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/v-react-dom.production.min.js.19c87283.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/v-react-dom.production.min.js.19c87283.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/v-react-dom.production.min.js.19c87283.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-1f8c5"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHbWiBbfZnjaE9ePxuaAjTUP%2F1i30SrOxu%2BY052DbwkySh%2BBzT7jaH0sWYXEcod%2FRjy2erO9WBE5084I0KhxXMEyoSCNYPls%2F5gKJfI0NwkYxSiv6vUP7dVNHtw8Wni1Dws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21681e1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/css/survey.cd8123e3.css

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/css/survey.cd8123e3.css
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/survey.cd8123e3.css HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=19034
etag: W/"63875a03-4a5a"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdzQYvLQ17lrmudBkt%2BBLsqbnI3zC8g0TtXmFmammcN8NYfrzIj4zCybBEZslRz4ttu5%2BPxOwZwV9v5SdbZTsvFlTwmuZfPwXllU5M9zpaGsvOhaSk8deBzfr%2FIB7Ny1BfU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580c1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_8532&cdn=1&domain=laugoust.com

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_8532&cdn=1&domain=laugoust.com
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_8532&cdn=1&domain=laugoust.com HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:21 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: W/"63875a03-1325e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XSiGb8WoStFtv13P%2B6bAT49qdSPF5r5Vdbg%2FvzCTehVdmMp4097hHFT6lNQDwOQXv8giOZ1noQHzA6uUBsIKcSY35dko%2FiLDFznV2S9A7sxk7g5ZIB7dI4rmH7rcPEnsM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2328b01c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/each-land-config.9797ee02.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/each-land-config.9797ee02.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/each-land-config.9797ee02.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=82280
etag: W/"63875a03-14168"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm0ooslnR0wEeDDppfp9Oj3Qzh963QA8R14W5zheaY5E6WvQlRBbtvkVzDTAr963Sw%2BjkmxYc4QH%2FOOIvK1JOaAcSigkFHgnXHylbqqRAWgMZh3uiyRnHO2QVX%2FY82XF0os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580b1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/v-redux-toolkit.esm.js.3f7dc52e.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/v-redux-toolkit.esm.js.3f7dc52e.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/v-redux-toolkit.esm.js.3f7dc52e.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-289c"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucL2BrqEwJpfJSM5588j15hT7P5YBwFU4GUOzaDA5d429emzECGE4RCLFIRKbz7nCFRjTmtXOa4RrffdF31IkG1y5wTjF68d3qdUUgvyxEv4vy%2FKCwB8s01yljjCYzooiGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21681f1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/survey.6.dda5ce24.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/survey.6.dda5ce24.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/survey.6.dda5ce24.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=206522
etag: W/"63875a03-326ba"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlHA8NM1oTGsvYkGzeDVDbi32ENVqEYhr9EHugCCQqzdcvTFO2sC8XKhcDA%2B1pzYodOrw8QTGUppgFlJvKSjFOc%2Bl%2BJjGC4u%2F8BjAQRvSKutlJEP%2FnXwrNcBiOn3EIY13Jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168211c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23

35.186.250.143

200 OK

0 B

URL HTTP/2
1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23
IP
35.186.250.143:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23 HTTP/1.1
Host: 1865e08ae4.smapp.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belia-glp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: text/html; charset=UTF-8
server: TornadoServer/5.1.1
clickid: a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab
x-service-version: 2.0.1
x-frame-options: SAMEORIGIN
etag: W/"36081df87166af0b89d166c6607df259f9ce3407"
set-cookie: cx_ntsl_i=b8c43486-f383-4d52-aa6e-30ba6e7d22bb; expires=Fri, 27 Nov 2037 01:29:20 GMT; Path=/
instal-cookie="2|1:0|10:1669858160|13:instal-cookie|124:eyIzMjQ0NjgwIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=|b7a8cc8f6e7fd5a492b1991559b854d8f758bb7cba6af81d8738d6db6a7f0893"; expires=Sat, 31 Dec 2022 01:29:20 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: text/html
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bEMvQ8v3Ar7QXrGLjq4i31EopsYgnjLSFUTkeD0kD98%2B4E6MVXgpKIT9MTliKmPnpuTLqT4NyxpeH%2FjsHxThlmR4r%2Bpo8sW3hdeew9R%2FgUhQ8VAPx9GzbjoUDPpW71MoBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d209fcb1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/v-xhr.js.1d225573.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/v-xhr.js.1d225573.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/v-xhr.js.1d225573.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-b97"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtYd%2Bqqo%2Bj7rhHs5WSpLumPIBLJVT4owowMQI4Fp9eKwv2RM1In5ugUHlUnmjg8NGFk%2BwrOU97BeQaOqocFvIUeaGT1UuZIxSYTlpx3sVRKnB9DmBAnrLiHWQgWEQdR47AY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580a1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

findyourhalf.top/js/v-AxiosHeaders.js.13fc3a8c.js

104.26.14.100

200 OK

0 B

URL HTTP/2
findyourhalf.top/js/v-AxiosHeaders.js.13fc3a8c.js
IP
104.26.14.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/v-AxiosHeaders.js.13fc3a8c.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:29:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63875a03-14fb"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JdPjHSnA%2B8kQ%2BkuZPIPYfXUIeVBuqno1dqsKYljkzBHu23tXUEi22SpWbyvCPLgRnx52NuK%2Bsr259L0b95AwEpcjqg6GZZ90nM0t%2BzjFWJsHXEwQQD0OzcVKPUfdpG08D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158091c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations