Overview

URLblog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
IP 78.41.204.33 (Netherlands)
ASN#62370 Snel.com B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-01 01:29:30 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-11-30 17:26:07 UTC 34.120.237.76
itcleffaom.com (2) 72236 No data No data 139.45.197.237
e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-11-30 17:37:57 UTC 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 17:13:24 UTC 34.117.237.239
ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-11-30 21:13:57 UTC 172.64.155.188
1865e08ae4.smapp.work (2) 0 No data No data 35.186.250.143 Domain (smapp.work) ranked at: 230295
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-11-30 17:14:19 UTC 151.101.194.133
mc.yandex.ru (11) 2672 2017-01-29 05:34:36 UTC 2022-11-30 18:58:07 UTC 93.158.134.119
belia-glp.com (3) 0 No data No data 3.208.247.235 Unknown ranking
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-11-30 17:12:17 UTC 52.41.201.177
findyourhalf.top (27) 462646 No data No data 104.26.14.100
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-11-30 20:24:46 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 17:12:31 UTC 34.102.187.140
cdntechone.com (1) 64371 No data No data 188.114.97.1
ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-11-30 17:12:14 UTC 142.250.74.131
storage.googleapis.com (1) 420 2015-06-16 19:08:42 UTC 2022-11-30 22:38:58 UTC 142.250.74.80
my.rtmark.net (1) 9054 No data No data 139.45.195.8
blog.afterlivre.com (3) 0 No data No data 78.41.204.33 Unknown ranking
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-11-30 17:12:16 UTC 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-11-30 17:19:42 UTC 34.160.144.191

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-01 2 itcleffaom.com Sinkholed
2022-12-01 2 itcleffaom.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 78.41.204.33
Date UQ / IDS / BL URL IP
2023-01-15 02:41:10 +0000 0 - 2 - 0 w.zhzy999.net/images/m.exe 78.41.204.33
2023-01-05 03:23:39 +0000 0 - 2 - 3 blog.afterlivre.com/amazon-livres-italiens.html 78.41.204.33
2022-12-01 02:19:02 +0000 0 - 0 - 1 lesmeilleursmomentsdusport.afterlivre.com/liv (...) 78.41.204.33
2022-12-01 01:29:30 +0000 0 - 0 - 2 blog.afterlivre.com/livre-de-francais-3eme-an (...) 78.41.204.33
2022-12-01 01:18:39 +0000 0 - 0 - 1 mybodymoncorps.afterlivre.com/amazon-livres-b (...) 78.41.204.33


Last 5 reports on ASN: Snel.com B.V.
Date UQ / IDS / BL URL IP
2023-02-05 00:33:20 +0000 0 - 3 - 3 dd365x.cc/ 185.244.106.2
2023-02-03 12:56:06 +0000 0 - 1 - 5 util4u.com/ctrl/getid.php?prog=executable.exe 78.41.204.30
2023-02-03 12:54:10 +0000 0 - 1 - 5 util4u.com/ctrl/getid.php?prog=0071b2d052ecf8 (...) 78.41.204.30
2023-02-02 07:55:51 +0000 0 - 0 - 1 kryptrks.com/click.php?project_id=a0b729fa5f& (...) 193.34.166.202
2023-02-01 12:48:49 +0000 0 - 0 - 1 monchatauquotidien.afterlivre.com/livre-pour- (...) 78.41.204.26


Last 5 reports on domain: afterlivre.com
Date UQ / IDS / BL URL IP
2023-02-01 12:48:49 +0000 0 - 0 - 1 monchatauquotidien.afterlivre.com/livre-pour- (...) 78.41.204.26
2023-01-05 03:23:39 +0000 0 - 2 - 3 blog.afterlivre.com/amazon-livres-italiens.html 78.41.204.33
2023-01-05 02:34:03 +0000 0 - 2 - 35 blog.afterlivre.com/livre-francais-histoire-v (...) 78.41.204.28
2023-01-05 02:33:59 +0000 0 - 0 - 1 monchatauquotidien.afterlivre.com/livre-de-fr (...) 78.41.204.28
2023-01-05 01:35:57 +0000 0 - 3 - 1 mybodymoncorps.afterlivre.com/livre-francais- (...) 78.41.204.28


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-05 10:11:05 +0000 0 - 2 - 1 wxq.youfindadate.top/dating-survey.html 172.67.213.219
2023-02-05 05:07:33 +0000 0 - 2 - 1 ota.youfindadate.top/dating-survey.html 188.114.97.1
2023-02-04 21:31:06 +0000 0 - 0 - 1 meetamate.site/dating-survey.html 104.26.3.11
2023-02-04 16:16:02 +0000 0 - 2 - 1 rku.youfindadate.top/dating-survey.html 104.21.50.238
2023-02-04 11:31:23 +0000 0 - 0 - 1 meetamate.site/survey-dating.html 104.26.2.11

JavaScript

Executed Scripts (28)

Executed Evals (1)
#1 JavaScript::Eval (size: 79) - SHA256: 927c0373cb4594320f96ad15ddedc1afe119620cd99c12a032031e7e1a30be75
(() => {
    const a = async
    function name() {};
    window['oy6pce7j8o'] = true;
})()

Executed Writes (1)
#1 JavaScript::Write (size: 4) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0
2022


HTTP Transactions (78)


Request Response
                                        
                                            GET /livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html HTTP/1.1 
Host: blog.afterlivre.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         78.41.204.33
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 539
date: Thu, 01 Dec 2022 01:29:18 GMT
server: nginx
set-cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0; path=/; domain=.afterlivre.com; expires=Tue, 19 Dec 2090 04:43:25 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (539), with no line terminators
Size:   539
Md5:    80266c9784dbc7d9e1e8bf8a423811b2
Sha1:   3014d01f87b734de48fcd57cbff314f8f68b5b93
Sha256: 25b1b1ad150552e9a24ef6a5f13ee7d4a3292844840c420632da0bfec7e04658
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14077
Expires: Thu, 01 Dec 2022 05:23:55 GMT
Date: Thu, 01 Dec 2022 01:29:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3441
Cache-Control: max-age=122362
Date: Thu, 01 Dec 2022 01:29:18 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:28:40 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 01:18:05 GMT
cache-control: public,max-age=3600
age: 673
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19242
Expires: Thu, 01 Dec 2022 06:50:00 GMT
Date: Thu, 01 Dec 2022 01:29:18 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: dZjgEvNNVVgVkQ6M+eNHctZOkxo0Jm5nijL9ENm2+FBnNLNWNnuIOgqAqyOgjk0oIV6VLNalNPc=
x-amz-request-id: VRG7A270ZSEQXFDF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 00:46:04 GMT
age: 2594
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 01:29:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: blog.afterlivre.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
Cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0

search
                                         78.41.204.33
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Thu, 01 Dec 2022 01:29:19 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTg2NTM1OCwiaWF0IjoxNjY5ODU4MTU4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc204ZTlmMmowdWRjOGZsaDAwbHY1azYiLCJuYmYiOjE2Njk4NTgxNTgsInRzIjoxNjY5ODU4MTU4NjMyNzA4fQ.5u6SWnadbrTJWxLYf1e547nP4Dlw6bYOLSSKNYOzEJI&sid=9334fca0-7117-11ed-8fa9-096a5cd551b0 HTTP/1.1 
Host: blog.afterlivre.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blog.afterlivre.com/livre-de-francais-3eme-annee-primaire-algerie-2017-pdf.html
Cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0
Upgrade-Insecure-Requests: 1

search
                                         78.41.204.33
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 01 Dec 2022 01:29:19 GMT
location: http://belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
server: nginx
set-cookie: sid=9334fca0-7117-11ed-8fa9-096a5cd551b0; path=/; domain=.afterlivre.com; expires=Tue, 19 Dec 2090 04:43:26 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 01:08:56 GMT
cache-control: public,max-age=3600
age: 1223
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97 HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://blog.afterlivre.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 01:29:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: wNOJKVmy


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1098
Md5:    c15e02d93fe1eaaf83432cb8915a2f49
Sha1:   39d3bf7c3d52e2ed923cfed45602be6ebd6ba2b1
Sha256: 722878f6949e4bb0977dca5b6748aaf3e5d4a767411877196b01661c839f64a7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3441
Cache-Control: max-age=117293
Date: Thu, 01 Dec 2022 01:29:19 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:04:12 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcvisitor/937d43c9-7117-11ed-b178-123d2c9c3ba9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 01:29:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: FOSoPsur


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   424
Md5:    897f1d4b20ccc2cc3e6f0517632c40ea
Sha1:   f5f1e3e63752e48aab73a3acf4d21d09e531265b
Sha256: 05b7da565bc26b62f22eacce7b1850ef3a7be891552e942c92b2fb48a471cf6e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hFdcUkZGKsmZLeuMMlc7Cg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.201.177
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /BcqOieR8hHB+tYyMCLpxRkR+S0=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcredirect?visitid=937d43c9-7117-11ed-b178-123d2c9c3ba9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.208.247.235
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Thu, 01 Dec 2022 01:29:19 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: VsRMuJdC


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 01:29:20 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 14:26:18 GMT
Expires: Mon, 05 Dec 2022 14:26:17 GMT
Etag: "49c5098d8603faa9a3a1401c03cd2a7b17ec66f5"
Cache-Control: max-age=391616,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77280d1b3d330b55-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 01:29:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0= HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.80
HTTP/2 200 OK
content-type: text/html
                                        
x-guploader-uploadid: ADPycdsmB5idnkFQomUwhpwuC35fJYQj2VhDCI1zKLITuiCDJ8A5Q07HGvImtXcTuP7aidHeWWJXcubzWjc8aqKw-vULzeceo9UK
expires: Thu, 01 Dec 2022 02:29:20 GMT
date: Thu, 01 Dec 2022 01:29:20 GMT
cache-control: public, max-age=3600
last-modified: Mon, 10 Jun 2019 16:09:51 GMT
etag: "54f99c9e98a5b4f17b219e94417e6d2f"
x-goog-generation: 1560182991115409
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1357
x-goog-hash: crc32c=+7k9hA==, md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1357
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1357
Md5:    54f99c9e98a5b4f17b219e94417e6d2f
Sha1:   80247746ede724755155d0aa8c0082c8b00542bf
Sha256: c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634
                                        
                                            GET /api/v1/click/confirm.js?data=gAAAAABjiANwPQpr9Uk3spZUsLYSqRS7n2lU7yF92Tp54tE1z5B1tgqJilqM1pHvT86Ixad6jCo7aspvIKpV87RqC9b_P-UV-Ob1bwDDzwlw5qmhD8dyT7xYAYReu2-8ZOpaa8ShnPP60pgu7hByxOh8DscrKL_s8nCyjlgmKxgiCjyWRhoOwusmqgcZLPc1JvkPwN8c80NgbKZmvRUKVigyMxYfeWx9WlLUqL_XQ-piVL-TMcILrpcROlymXkQnHfB4KNuzk5cMc30tK6JSBTcweUgX5NP5XR4rV6xvChfgiFDTJptC2yrxIYdInOnA7Iq5mUTHYrv61ohQMPLR72VtDKwsljlsRJELZO95Svje_oYm5Q-qSqtooazOUSZv1kZiqKnOd5x-mw_Q5zUKfq9wuYqJxTP7mqFtKrh3UpUoCFirFqFQKLUbmPjOLU-mJzKwV7WpRxWXqZHpgnZtSh4xoXgO2_bJ99mdCJiZJyPp8NI4Do2viLxZ0yrfyh7njqGfghnDsz3RLCR3MURRTj_Jqfijr9akbhtlJVe1oDkZqYVbRpNTJXdxsDr78BfM8Rjupx82SIooCzehkA1VLcEnTEtv2emkQOFm80CE5XDSPsB52lrczkGj_z31J5X1FlbetwNzb5gqRDWhy4yGEQN-7RsUz8tk_NUxck8Mxb9fXnu7Zc3eUVvECl2hYOREb2OhYznCvQ61YSLkUjI9C5-DitPGHuxUyGoJXBkUR4FB7MgEtWj7xrjkqgVFifmUp0wlDUKebH64C-e3kMmUIGycYbez9agv4rg-Zetr5xYkPDWjbwxNCr7qxUZB86lOL0Kv4Q0BMW6bhN_TZPVkfrLFL-hQC21gLbrF4p67wnsoEb1wubNfUPbVSzjnmqwA3zXlbyzT3kp9moHHtklXIBz6fVs1cyNFkLFRIHH-whDmk5xdCMfsvmUxFQcfEm-eOJTPF-waRykbwZtZpJTPeeJiy4LDZ4c5R0ixntxw0D7PoQ7OJJ-BCGQD7RZGHMFMAaeqWC9LuLPHVLuKKwLfNDAScziCzY6Tj92_8OBlZeqJ5AqkwRKn2tUzoyYVBYXaFVY7mjofWWIEvVqCvGvv0oljvKtvK81-K5igzy8_OznEix6cBugm-q_Ree1ZLZyH0iNF9eaI4Tie66JeI5B9H-yd90JW5lhdjGrm0Ip44n9e6p77hjON2_dqPSv5fT2J2vvqTSF7S0uC5C8VZONGNblAyy7BaWnQWuoKjE-HbuUI8TaFVuDI6-oahQE397omJy3sqBjCWxpGI6Ur-WS2kVnq37xU_Bh4yYrUOHKfT-wYL_o52wmLro6YOEnAljUax2hSRnYqJG_76wjOcqEbUx_f2kVj6Z_MRkLFrdHypSRvfsx-gFgwJ1-YOd6q-JZHkTdUQBc3Do12tIT1llAodjSWVfJC5pIjJlKG8zijYiePtn189wEKExLJ71JpeSh4jd48NaietaZ3vbjdSa5LTLps9WZS7s4Nu8sTjfS8mXpHDCGwsJ0FrcMdzhahdqQl-8VYNbCGVBtk4vUGux-7QVLrl-b-dzag1ZKznzj9CFncmq5Xz4h7Pt0ojfQZXgTNaVyLlFp2bWCAxCX7N9CjOpCgd-PIevzGjQ06rkx9ndllbInOoK_GNJyxZ_rXuHeTgD4XfK8Ubm2pY_FNwfrSW20eLae3fKKgb4S-aWGlWqnkgiPO867DYaprisvmGTmyKDy4q5DX0bAgWiEPs0ds5WaXE9MZREktsvwDOYqj3VIiOTXymCo7H77dj-wcZ8clu4dWJNkBRq0LxQ9aSxsJaG-yLpJcfFC6olZPX2YqGuWvZ5IOmTzBVmcGr7Mwe4htZ4tFD7GeOZF2waoy7CihHce7pLFEwIhSvnSrhHEuIrNIMham5O_eMz7Ume_IrdwvYky3JxZb77jF6WtU-LU5QM9S62CeyqolMMAlhioTAGk25cwt-PxuWmat7_b27Hmq_FjTqjO82w3PeXt-KwN-P9EdtFOvQkGxweeHlkmC-heGKyYBQoGjpPyzn7-1wPYzoP1H2bRpd_AcslBC36-ZXnG7fsuGuY2xh-9uDtGmUlvrx_ZTnkqa7jMjyo3oDki1GIInnqut8ULcDU-soeF2MEETR4yx-oDiNSFXg5sYiJyb8YIaqvLPUDNV_Jzy2wuN2_w6lAWiNF1yR7z7wjwiNNSUoCtETBKRvPescIgPbKRpPkpGx_JN32p6DhHwgcpiVtv2uNvS6DZ13oy9yGtBZSRmecKQpEJ8YFNFo3cuA9A3wZclN8NvfA9N3kCCImD1NQoNCjoM5AGVHKDmq9jtcUIvEX_qBygXqRj_eNY9XMAQaC_yjNlt0np5gp3mYjef5ZwKb5zqrNqIAO0VQjEVGZQartK0QV20ZcGEfRBzVuXlVrn4RkKMMUyuJ4WXwUu3xgkdftxUPWUbTpsf0g_zBUMSLIKNjBZtSECmcLgmWEeYhtS764W0v1ltQVnkqyBzLy2jSu17H1JOsMeODNMHQ1ktjf0ry9QtWqXUN07gVaFPuTMfqSFZmnIBJeG8Ulo-xYgica2eyMwU HTTP/1.1 
Host: 1865e08ae4.smapp.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23
Cookie: cx_ntsl_i=b8c43486-f383-4d52-aa6e-30ba6e7d22bb; instal-cookie="2|1:0|10:1669858160|13:instal-cookie|124:eyIzMjQ0NjgwIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=|b7a8cc8f6e7fd5a492b1991559b854d8f758bb7cba6af81d8738d6db6a7f0893"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.186.250.143
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 0
server: TornadoServer/5.1.1
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 01:29:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=166803
Date: Thu, 01 Dec 2022 01:29:20 GMT
Etag: "6387ec03-117"
Expires: Fri, 02 Dec 2022 23:49:23 GMT
Last-Modified: Wed, 30 Nov 2022 23:49:23 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /assets/032bcaf74c0de2c93c8e.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 33612
cf-bgj: h2pri
etag: "63875a03-834c"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JxBANMvw%2F%2B%2BK%2BiIsMSt8k%2F%2FBgZ3upbxkRp7k8%2BB%2FlO62h9x2kknHQdxRgdcZvgmrlB0hQAg4YG%2Boqnaq5lJfRvcx1JtoifKyFVHb4Gs%2Fg%2BUyM7yB%2BWuP%2BvM8Clk%2BgGVSUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580e1c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x390, components 3\012- data
Size:   33612
Md5:    e38526805379a23a1bcfefabf38befa2
Sha1:   afe5306e0df615f7238ad8fe41b33ecd38c10fd7
Sha256: 999863c911c86160c1f2721524580942426d157547b36985f643aeea0dab4aa1
                                        
                                            GET /assets/2c7be58264048611fef5.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 1574
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: "63875a03-626"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HyEf6I49CnV0mEw8sgbWMXhaoLmnaJrzmztBj9ERj11oJof7FpppkDB7KMzKXtYQbprM%2F8mhCm9GTet8Z6%2BZsSg7ngnj%2FVSJRTTRPTu6%2FDEehereMiP0srJGAH%2BrZU94QQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158101c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 61 x 98, 8-bit colormap, non-interlaced\012- data
Size:   1574
Md5:    214628994adff396733825e7b9778ad8
Sha1:   cfcdb02dd750c2c56ce0df960f032865d0315d24
Sha256: 072083cb6a8af8fdfad3087d4aafe1fbb1ef96c4863dc53d9f1483ce83937dfb
                                        
                                            GET /assets/47ae6a5ba10cda2c9e0b.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 20958
cf-bgj: h2pri
etag: "63875a03-51de"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atV5rbKlkQXnU5AQpLQapYACylWOY4fd8nyttNYmyiUJhO0TuWLByXaypBa5X3EJad3ZKDTSEnxoeUv%2B9FFFqvSI4CMap%2BuV97BBuAeATVpQeaT4k5qG9LI2ZEGiCDFge48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158151c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Size:   20958
Md5:    56b1d087e07bfce17502f3d15a29599d
Sha1:   1a3fdece929142b64a427a813298a4278f9c9a3b
Sha256: 06bda10f4f886bd1dc58e72919dce1d5ef8395a9103cc719c333088ae7cf6677
                                        
                                            GET /assets/06c49b18302a6f35f315.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 20712
cf-bgj: h2pri
etag: "63875a03-50e8"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkEbX6lev%2FFi26ZSboc6MXffwIf8wK6%2B26J%2F5VZoDQEIOuJPqjMEeeA1VBjirgFnDsk5D1tazIU46jsqrRMPw1IAqZFwuCBnxbCpvj1h4WiTEUFpGmK4RLYMFiRgbGg0Dak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158141c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x375, components 3\012- data
Size:   20712
Md5:    0d0464ad4924d5189707d2508a818e37
Sha1:   d40c4e3dcaeaaae3eb66d3ca096f8569c4605e21
Sha256: d8b8c213ff1fcd97e0cbb4ec056712bfed39405c65a20135135328b5ad1104af
                                        
                                            GET /assets/d4df7c721715d3197d35.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 33816
cf-bgj: h2pri
etag: "63875a03-8418"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcvtKiCtLDHeoigwYo8sIKDHHyMYCoVI30rKOB8Pz%2BQbc0dTVfRjBd%2B5RQn2oqDte1Z17dnu4HPDqDObBtCEleHe9KL%2FxicFIy5v8ZtMMbQqExhr8%2BFzwF1esxaeymw12DE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158121c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x499, components 3\012- data
Size:   33816
Md5:    785457fd7f81715119251bcf4c1a8f56
Sha1:   66cbede5b601e6d0857441c939e9798493e812c2
Sha256: 32bfa591e8f2fb193889b21a3ec397e4029a5eeb22b4f1a718b056978013580c
                                        
                                            GET /assets/848c59c46246f7f3cae9.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 12409
cf-bgj: h2pri
etag: "63875a03-3079"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCWSO5l7S7I1eNkgCE%2FYAJtJyYzIw1HUBsK%2BYPpUn3Po1OARfyFyZF1nTc%2F8vUJwO0mKFjd53Jk7Vuq5JdgTJQjyCxzbAbSpdy1EHXhTSuVZ3Zsi8L4Kjor7wbOtchhmzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168161c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 360x241, components 3\012- data
Size:   12409
Md5:    147a131b97e24b606548d78e8fa56e63
Sha1:   b746629c163d2cc3f3ac1d81b9bed35e682e85fc
Sha256: 10e26b8306c1bc3958e6b243fa4dd0aae70c197f460a9eec192dff846ba8aeaa
                                        
                                            GET /assets/1418d3d54dbb9471fdf4.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 54789
cf-bgj: h2pri
etag: "63875a03-d605"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wb9N%2F03ZV9xM5GTv5pmmOCvxVM%2FpBbEcbyCR7HLXHun6%2FuV632gZsM6Ponu2D5ItnMSdotmFgNyA6oHULqR1Lm8gCOznCEQ94X%2BMXcUeiU0Pn%2FT242JUptuHOg%2FutZSWoJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168171c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 554x414, components 3\012- data
Size:   54789
Md5:    6d4697c58b5ca314ed5e18bd8ca6b9ce
Sha1:   2a6e9b8a93d359dd492fb3cfbb2bd768c28aa6cb
Sha256: 7d38705aa944831049bd714c99d3912f3528c27c5bbdac5bbd6fdcabef869bfa
                                        
                                            GET /assets/0e8214b6a04a80b2ed65.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 118495
cf-bgj: h2pri
etag: "63875a03-1cedf"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MM%2FUAT2v8F7NWrTujPho0hmQwbDvqUe%2FL4X0F3YnQN6ZJOwZ7DidJflkrdl3r78wcNu02Onl0R9kiLy3VrXx5vyWsFQNxi9V406xk0w6QCnrKbAMOrB9TXnsYytzjQwIv5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168181c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 507 x 500, 8-bit colormap, non-interlaced\012- data
Size:   118495
Md5:    fafd80f19f1c7b5806ec7f6935872cb4
Sha1:   d8c6a473659ac0ba5472bcdfa4b7dab91470ed07
Sha256: e65ad8065b9444d3881bb4d2fdd160f90f1babeb7a0f712f288a77aeef18ad87
                                        
                                            GET /assets/56d040d1d8bf3bf21d63.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
content-length: 55200
cf-bgj: h2pri
etag: "63875a03-d7a0"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7FHqZYKZtNbQKQun9Tn4AMM8%2BCjVMVNGYMOwMdvqgKSWVvHCf80yufeHyI2kkGiN3UjFqj%2FTztVzs5Xv%2FIuiVzRQMlPTVUhVZVB0Ae9zEBqYTZ6cno3fvmLbdT34KRHrKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21681c1c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x620, components 3\012- data
Size:   55200
Md5:    9ddc7b6cb356a6d2e99eed41cc1734de
Sha1:   e1da98ccc6c5198d528384dcf0796de766475488
Sha256: b80543c059b42b12ff905047b8a8f5d6f4b676febb7edc65aa602e64248dd837
                                        
                                            GET /js/_global-config-sd.33011211.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-16d"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfeUzZCOhJGMT3f6tX486NFfG3eBdD4ipZmwPB3tlntEaTdGE6Gn2PNZMTg%2FYGWe0Cl5nPQEr0jmSH5VLUk7AGFniAk8EhDbO5WGHGwJcBny3JzwGo8hNgKnT%2BPCacchYDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158041c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (365), with no line terminators
Size:   52790
Md5:    520eaa068cdb9b6f72789e9e987be6c8
Sha1:   a7affed624960476b09e6c0477b7786d2995181f
Sha256: 1e57c4b5fb32d362ea41ba2c2af94e2973d4f63f8aabc8b378878beefab118f1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 01:29:21 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 14:26:18 GMT
Expires: Mon, 05 Dec 2022 14:26:17 GMT
Etag: "49c5098d8603faa9a3a1401c03cd2a7b17ec66f5"
Cache-Control: max-age=391616,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77280d1dbdea0b55-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "455BDA3629E55C1730A67D5D82C68E4001F78F8019A755178225624E16076E80"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3900
Expires: Thu, 01 Dec 2022 02:34:21 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7957
x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PGgNIAMF2Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5et72pBhP9fdm4fNy6V5AJjs7B5N3HUGgaToNJV3LbA59D-0QDAMvw==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:31:51 GMT
age: 79050
etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7957
Md5:    37004182402c955f288eb1fa8df7aef4
Sha1:   01a07f9a5725f608fafeced7b3d1ebdbcb776c29
Sha256: c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7609
x-amzn-requestid: 1a464872-7c15-42d3-a12a-f344adf99662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PHVUoAMFf4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-3f77f387752222b212d6e2a5;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XUcf5sxPRTQEOS_HWPDW5ioStuq1TPMKvKQSRi2kZI5TbTWEVKFfog==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:42:48 GMT
age: 78393
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7609
Md5:    0d0219e6bee2a28f003f396f872eecf0
Sha1:   b3d22d146c6094cb539de40a72b9c5a140802ee5
Sha256: 41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 12030
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10437
Md5:    291127b670135b42b6e9687aa2a13237
Sha1:   99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
Sha256: 49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2382
x-amzn-requestid: 7279ff68-1e32-4c57-9b9d-f5803a19e8e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJYQuEmEIAMFkeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806d9e-2cf28dc150b53b9f3c60bb4c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:24:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UaUyc03Gw0P7G_7gjAyp-c3XxjIDbllO7lmG_8UWVCuBP4WgEgSydQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:26:41 GMT
age: 39760
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2382
Md5:    f5469e846da1e0f21cfc480f56a656a6
Sha1:   b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
Sha256: d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6036
x-amzn-requestid: ad1d9f29-4a4b-4b5f-b29f-d2e5849b5c1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMQGoSoAMFUnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe7-40e8de13537ad17b3b28e1c1;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7EqSYILMuuXaZkdkEPxROiSw3HU1zfjqpXDU4TqBGLdNSWyj4Ioezw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:46:29 GMT
age: 13372
etag: "4593bb86a0a61eccab43063cb3c0c797abea5b46"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6036
Md5:    83e8a8c500dbcb636ad4a57a10de8adf
Sha1:   4593bb86a0a61eccab43063cb3c0c797abea5b46
Sha256: fd9bc5cfa9db9999ceba780a3c801663ae3a9d115fc968f633800da2a680d49c
                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 01 Dec 2022 01:29:21 GMT
content-length: 65
access-control-allow-origin: https://findyourhalf.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fef155038bf9490c9d567967d7250d70; expires=Fri, 01 Dec 2023 01:29:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    3f4c603a0dccdc07e2efc3ffaef41157
Sha1:   7f4173c0c3ad275338cc42a71669c5470f3d5de1
Sha256: e2589a50d73b73633cdfe9e6b6deca8d938f131a2d1475f0b3a57860927a5a05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:17:18 GMT
age: 11523
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5295
Md5:    eb4b8985f697c1ff7753d3961fb4f67d
Sha1:   b412d62d44993500b947a38e8e242d0c6d6b7588
Sha256: 571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B1A63DDF2500DCC3151C6C58D29B3D124D6E21DAF0864DF70CD7AB7D25171F4A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13440
Expires: Thu, 01 Dec 2022 05:13:21 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

                                        
                                            GET /track?offer_id=2061&z=4655142&request_var=6100_8532&variable2=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab HTTP/1.1 
Host: itcleffaom.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 01:29:21 GMT
content-length: 148
x-trace-id: 5c9cd1c57954ad33c2eef1e13edaba96
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   148
Md5:    673cfa6261713c037f5e6d0d8cebc7e5
Sha1:   3fa4ef98e3409901f9d51f1bd651a130506aed6b
Sha256: 546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5822F506962C5B9C376CD4DA49A074F37740776B4871BB6745C4453C359E27F3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3424
Expires: Thu, 01 Dec 2022 02:26:25 GMT
Date: Thu, 01 Dec 2022 01:29:21 GMT
Connection: keep-alive

                                        
                                            GET /rotate?zz=5473379;5473399;5473396;5473423;5473382;5473432;5473425;5473415&var=4655142&ymid=6100_8532&uid=fef155038bf9490c9d567967d7250d70 HTTP/1.1 
Host: itcleffaom.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 01:29:21 GMT
x-trace-id: 8ea89f32dd9694563da0f747d9e29f42
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://findyourhalf.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=fef155038bf9490c9d567967d7250d70; expires=Fri, 01 Dec 2023 01:29:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6937
Md5:    ff573f54d7cc8a7c6f6d4216b926b765
Sha1:   8be65c2fc7ec3b9920de7506935ca76fdd6bdd4b
Sha256: 4bf0e887125120b044454669455e278ad6f9272d283dd883685b38a88e820e52

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img/fav/heart-16.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 01:29:21 GMT
content-length: 670
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: "63875a03-29e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NxA0T76uGSeMQ5sY3DMD8kmGlToXozbr%2B2N3LEL7Wl9QKcoV1fbC0POTbTR%2B9oscBJ4I0WwjYRgiOevOeOfpvUN%2Fbe1it0jDF6fQo9oiTTSMgIC9AVC0T6unAUzFSzdOuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d262a071c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   670
Md5:    161113cd0cedcbb5a4a76ef87c00b0ea
Sha1:   ec807c2867bd4ff3c3aef6ff966ae1648832591b
Sha256: df545a40f6092920cf46af4e124e550273bc0b9aaec5f137f3d03ba91aa02274
                                        
                                            GET /stattag.js HTTP/1.1 
Host: cdntechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         188.114.97.1
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:21 GMT
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGCd%2FMC2kGkMdu0srg14g1LqzhrDuGuYNqzPJXb21lRrixMopS6B25K0Ak3EioE%2BtEjVIsQu5bmglmLyMow9kvyMLcrVvnk7f%2BpK%2BNKliji%2FuUzRIkuzIldo%2Bxgp%2BruiTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77280d2619110b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12932), with no line terminators
Size:   5561
Md5:    19e728dfa50d69558170e5034c2d792e
Sha1:   d9d10487cec4ec5a593316402607e68217728dbe
Sha256: b05c252e40b9a019b9bde8e013387d00eb8d1c92a10beafca50daa97a022827a
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         151.101.194.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Connection: keep-alive
Content-Length: 937
Server: nginx
Expires: Mon, 05 Dec 2022 00:50:10 GMT
ETag: "8eb1de4a6229a19a55537a226edfe520b545772d"
Last-Modified: Thu, 01 Dec 2022 00:50:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 01 Dec 2022 01:29:21 GMT
Age: 2350
X-Served-By: cache-qpg1244-QPG, cache-bma1660-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 10, 17
X-Timer: S1669858162.735543,VS0,VE0

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 73267
date: Thu, 01 Dec 2022 01:29:21 GMT
access-control-allow-origin: *
etag: "63875d46-11e33"
expires: Thu, 01 Dec 2022 02:29:21 GMT
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size:   73267
Md5:    1d79426653c3b55939eaec59a2ce8ef5
Sha1:   c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
Sha256: 2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
                                        
                                            GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e%3Acdc419073d485f613f24358e7f7a71c98c4977ab&utm_campaign=6100_8532&utm_medium=4655142&utm_content=zd_public_v2 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 01 Dec 2022 01:29:21 GMT
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSuuihKH7N2ns2lOILJiCI9YNX5cRH%2BLx9xI5KACl3%2FWddIJDN55Y%2BVfn4EELAmzzSa72x6Nmy7K8WiubkHKeJejtVlfPLPfccyeC3XTyq9pz8bZRoRaOeQ5ODKFzA5SwXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d22386a1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   3102
Md5:    77e9522e7e4a821ca9571a02f62fbfba
Sha1:   f20095a4ed358e652eb314996a66d80f5612a60d
Sha256: a458eeb0cf6bee0cb7bbba1c7e0dabb98ce6e34391944a46fd45890b2abfdb6e
                                        
                                            GET /js/rtc.08b364bc.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-29d4"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA0rB24Llm4oPDcunT2sYbIT2Agzyta0obnCYJ4mu6K%2B4FsyDx5KVR4pInULMA8HQ4CIqlgaBC0AIpwK0IcilOBPKEla3NQWj8t7rWFQYv7srlqvzUrmelR0Ya8E83vT5fM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158061c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10708), with no line terminators
Size:   4458
Md5:    aa921b30e238a0f7a2cfa25d6626800f
Sha1:   3704a14752e12e7d0695b06afc130b9856f7ed3e
Sha256: 50d12ff08074ec572e1ecb5c6d3cdb4493e4f0f57a26a5d032d743452ee27316
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: *
etag: "63875d46-2b"
expires: Thu, 01 Dec 2022 02:29:22 GMT
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A958949102%3Arqn%3A1%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C82%2C1%2C%2C0%2C%2C133%2C1%2C%2C%2C%2C305%3Ans%3A1669858159635%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 302 Found
                                        
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A958949102%3Arqn%3A1%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C82%2C1%2C%2C0%2C%2C133%2C1%2C%2C%2C%2C305%3Ans%3A1669858159635%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
set-cookie: yandexuid=8331469991669858162; Expires=Fri, 01-Dec-2023 01:29:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=8331469991669858162; Expires=Fri, 01-Dec-2023 01:29:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=724658881669858162; Path=/; SameSite=None; Secure i=52B+rzR3+7pjiUNv9850BgE3YBgCpqlfSYuqsETKHCqXb5IJHijjegOX710pWK0YVbjGfaImISqdsvAVCrZUdfa57Hg=; Expires=Sun, 28-Nov-2032 01:29:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1701394162.yc.1669858162#1701394162.yrts.1669858162#1701394162.yrtsi.1669858162; Expires=Fri, 01-Dec-2023 01:29:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size:   400
Md5:    96e47476a8656d2e6bb3434e505d4e35
Sha1:   aed0edd019efcdd9257405f28cf0c7aa4a8c554c
Sha256: f899cccb8585239b864c7084671007c5806e9910334cc7ff25789791c4729eca
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A598566788%3Arqn%3A2%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1041%2C1041%2C1%2C%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 78
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /js/v-utils.js.10c42cc1.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
cf-polished: origSize=8634
etag: W/"63875a03-21ba"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUG1H3A3exsjGD4lgO9qwvauSdVFVf1OrmBM7HLFBNvMWm7gT4j97hmKO9x0CNIMmTRE1pOCeOCyGg1POoMr3evLbPIRcRUuaJvze8j32qTVOzMJygbHukP3bn0TwuKe3FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158081c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8631), with no line terminators
Size:   4436
Md5:    a639b77961da54c41c3edc912a7203ec
Sha1:   1d828d362f8a62954e9994ab743fe84329c02cf0
Sha256: 152561dfd35b1bbf66d709f138cbe1a595ee5a0fe6514de41f0a7dbe856879ec
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A315254435%3Arqn%3A5%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonStepChange&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A158386130%3Arqn%3A4%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A983252634%3Arqn%3A6%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrackImpression&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A26116150%3Arqn%3A7%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 199
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A609740988%3Arqn%3A10%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A838266063%3Arqn%3A8%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_8532%26ymid%3Da250352c-73a9-4c36-a79e-47fa5e26e70e%253Acdc419073d485f613f24358e7f7a71c98c4977ab%26utm_campaign%3D6100_8532%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669858162_904af971523679edbfaef017861df008eab640276761fce80e3f5530ab7d07e8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1418558140571%3Ahid%3A716597044%3Az%3A0%3Ai%3A20221201012920%3Aet%3A1669858161%3Ac%3A1%3Arn%3A491433084%3Arqn%3A9%3Au%3A1669858161691491787%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669858159635%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669858161%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 384
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         93.158.134.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 01 Dec 2022 01:29:22 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 01:29:22 GMT
last-modified: Thu, 01-Dec-2022 01:29:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8659991E2635191054954D969FA1FB253E6CD8363CA6274CE05348B908EF3DFC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6336
Expires: Thu, 01 Dec 2022 03:15:03 GMT
Date: Thu, 01 Dec 2022 01:29:27 GMT
Connection: keep-alive

                                        
                                            GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 01 Dec 2022 01:29:21 GMT
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: W/"63875a03-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0BSBFj1CtRlv%2B1nLeH9I0F5fzX6ometP5ruVMWqd%2B63J%2Fwzo%2FH5wI05JyUOtqfkHVlfUGHKmabvkvMTTeo8NuGNbmTsJZOitSiv0A049mZlEO9d199%2B0hH7fkW6z5Axmqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d22386f1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-index.js.2c18e767.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-923e"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoEfJFisiizHaefoYELzHi5Uhsd4LTeKMFJP7VdzqGm6dKvu%2Fs57lQ%2B2Ic4RGCETxRImIfBiPKDBCrggeCGLDYJQjQwMF0CdkJ79Mi0OPSv0bxi%2Bg%2BRSxjgiTwWDE9ZQMkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158071c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/survey-dating.42775b4d.css HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
cf-polished: origSize=9365
etag: W/"63875a03-2495"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KF23hrUGlpG%2FDwppbp0rIKc59y4SRgD3KcPz94Ooe4hWu3PIOaU7Nc6%2BEgBd3fXllymt2pMaUhP%2BYE1eNC6bn6qYSQ%2Bo6HwFY8eKYBL90sdWwz7pIkBsZ8FwcKqkc5eCmJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580d1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/survey-dating.bf46a302.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-476"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5xKIw7TxvXhYjxVzUAp%2FOB00zbGZzaV%2FHRSAEKOhtI79ru1m8jyiFpN%2F7QD4X8KfOEN9%2BnaZ%2FHBzZRvmaZxKPQdY6Sn3qaOJOhV7vT4D5bm9SmQdecd1klN947MgytxWso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168241c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-react-dom.production.min.js.19c87283.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-1f8c5"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHbWiBbfZnjaE9ePxuaAjTUP%2F1i30SrOxu%2BY052DbwkySh%2BBzT7jaH0sWYXEcod%2FRjy2erO9WBE5084I0KhxXMEyoSCNYPls%2F5gKJfI0NwkYxSiv6vUP7dVNHtw8Wni1Dws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21681e1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/survey.cd8123e3.css HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
cf-polished: origSize=19034
etag: W/"63875a03-4a5a"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdzQYvLQ17lrmudBkt%2BBLsqbnI3zC8g0TtXmFmammcN8NYfrzIj4zCybBEZslRz4ttu5%2BPxOwZwV9v5SdbZTsvFlTwmuZfPwXllU5M9zpaGsvOhaSk8deBzfr%2FIB7Ny1BfU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580c1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_8532&cdn=1&domain=laugoust.com HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:21 GMT
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
etag: W/"63875a03-1325e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XSiGb8WoStFtv13P%2B6bAT49qdSPF5r5Vdbg%2FvzCTehVdmMp4097hHFT6lNQDwOQXv8giOZ1noQHzA6uUBsIKcSY35dko%2FiLDFznV2S9A7sxk7g5ZIB7dI4rmH7rcPEnsM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2328b01c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/each-land-config.9797ee02.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
cf-polished: origSize=82280
etag: W/"63875a03-14168"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm0ooslnR0wEeDDppfp9Oj3Qzh963QA8R14W5zheaY5E6WvQlRBbtvkVzDTAr963Sw%2BjkmxYc4QH%2FOOIvK1JOaAcSigkFHgnXHylbqqRAWgMZh3uiyRnHO2QVX%2FY82XF0os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580b1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-redux-toolkit.esm.js.3f7dc52e.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-289c"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucL2BrqEwJpfJSM5588j15hT7P5YBwFU4GUOzaDA5d429emzECGE4RCLFIRKbz7nCFRjTmtXOa4RrffdF31IkG1y5wTjF68d3qdUUgvyxEv4vy%2FKCwB8s01yljjCYzooiGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21681f1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/survey.6.dda5ce24.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
cf-polished: origSize=206522
etag: W/"63875a03-326ba"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlHA8NM1oTGsvYkGzeDVDbi32ENVqEYhr9EHugCCQqzdcvTFO2sC8XKhcDA%2B1pzYodOrw8QTGUppgFlJvKSjFOc%2Bl%2BJjGC4u%2F8BjAQRvSKutlJEP%2FnXwrNcBiOn3EIY13Jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2168211c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=india-foh-qlcuy0j23 HTTP/1.1 
Host: 1865e08ae4.smapp.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belia-glp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.186.250.143
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
server: TornadoServer/5.1.1
clickid: a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab
x-service-version: 2.0.1
x-frame-options: SAMEORIGIN
etag: W/"36081df87166af0b89d166c6607df259f9ce3407"
set-cookie: cx_ntsl_i=b8c43486-f383-4d52-aa6e-30ba6e7d22bb; expires=Fri, 27 Nov 2037 01:29:20 GMT; Path=/ instal-cookie="2|1:0|10:1669858160|13:instal-cookie|124:eyIzMjQ0NjgwIjogImEyNTAzNTJjLTczYTktNGMzNi1hNzllLTQ3ZmE1ZTI2ZTcwZTpjZGM0MTkwNzNkNDg1ZjYxM2YyNDM1OGU3ZjdhNzFjOThjNDk3N2FiIn0=|b7a8cc8f6e7fd5a492b1991559b854d8f758bb7cba6af81d8738d6db6a7f0893"; expires=Sat, 31 Dec 2022 01:29:20 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_8532&ymid=a250352c-73a9-4c36-a79e-47fa5e26e70e:cdc419073d485f613f24358e7f7a71c98c4977ab HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bEMvQ8v3Ar7QXrGLjq4i31EopsYgnjLSFUTkeD0kD98%2B4E6MVXgpKIT9MTliKmPnpuTLqT4NyxpeH%2FjsHxThlmR4r%2Bpo8sW3hdeew9R%2FgUhQ8VAPx9GzbjoUDPpW71MoBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d209fcb1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-xhr.js.1d225573.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-b97"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtYd%2Bqqo%2Bj7rhHs5WSpLumPIBLJVT4owowMQI4Fp9eKwv2RM1In5ugUHlUnmjg8NGFk%2BwrOU97BeQaOqocFvIUeaGT1UuZIxSYTlpx3sVRKnB9DmBAnrLiHWQgWEQdR47AY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d21580a1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-AxiosHeaders.js.13fc3a8c.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 01 Dec 2022 01:29:20 GMT
cf-bgj: minify
etag: W/"63875a03-14fb"
last-modified: Wed, 30 Nov 2022 13:26:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JdPjHSnA%2B8kQ%2BkuZPIPYfXUIeVBuqno1dqsKYljkzBHu23tXUEi22SpWbyvCPLgRnx52NuK%2Bsr259L0b95AwEpcjqg6GZZ90nM0t%2BzjFWJsHXEwQQD0OzcVKPUfdpG08D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77280d2158091c16-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---