Overview

URLrerew.5e7d2.fw.wy5532.com/
IP 185.107.56.199 (Netherlands)
ASN#43350 NForce Entertainment B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-05 00:07:48 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
storage.googleapis.com (1) 420 2015-06-16 19:08:42 UTC 2022-12-04 18:45:44 UTC 216.58.211.16
1865e08ae4.smapp.work (2) 0 2022-06-08 07:21:34 UTC 2022-12-04 04:51:26 UTC 35.186.250.143 Domain (smapp.work) ranked at: 230295
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mc.yandex.ru (8) 2672 2012-05-21 09:38:30 UTC 2022-12-04 17:17:23 UTC 87.250.250.119
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
belia-glp.com (3) 0 2022-10-05 22:21:27 UTC 2022-12-04 18:16:22 UTC 3.212.50.125 Unknown ranking
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
e1.o.lencr.org (1) 6159 No data No data 23.36.77.32
findyourhalf.top (29) 462646 2021-08-24 18:04:38 UTC 2022-12-04 21:58:20 UTC 104.26.14.100
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-04 17:12:40 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-04 17:12:39 UTC 34.117.237.239
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
rerew.5e7d2.fw.wy5532.com (3) 0 2022-12-04 23:55:39 UTC 2022-12-04 23:55:39 UTC 81.171.22.5 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 100.20.30.105
cdntechone.com (1) 64371 2021-12-24 17:09:58 UTC 2022-12-04 16:57:56 UTC 104.21.29.183

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-05 2 rerew.5e7d2.fw.wy5532.com/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.107.56.199
Date UQ / IDS / BL URL IP
2023-01-31 15:20:08 +0000 0 - 0 - 1 yqvoess.aa.wy5532.com/ 185.107.56.199
2023-01-31 13:45:51 +0000 0 - 0 - 2 mkuu.626e0.rt.wy5532.com/ 185.107.56.199
2023-01-31 08:57:24 +0000 0 - 0 - 1 re6ff3e.vz.wy5532.com/ 185.107.56.199
2023-01-31 05:59:37 +0000 0 - 0 - 3 qwqwq.311e3.sn.wy5532.com/ 185.107.56.199
2023-01-30 23:41:13 +0000 0 - 0 - 3 edcvr25789.by.wy5532.com/ 185.107.56.199


Last 5 reports on ASN: NForce Entertainment B.V.
Date UQ / IDS / BL URL IP
2023-02-03 12:47:21 +0000 0 - 2 - 7 info.seroteforoh.com/?v=1.02&c=dcbf5a30&at=15 (...) 77.247.179.82
2023-02-03 11:58:46 +0000 0 - 0 - 3 andicomedicalsuppliers.com/chromestre/41on892 (...) 185.107.56.53
2023-02-03 10:34:25 +0000 0 - 0 - 3 inzestmuschis.com/inzest-porno/die-milf-und-i (...) 185.107.56.59
2023-02-03 03:27:00 +0000 0 - 2 - 6 rp.seroteforoh.com/?pcrc=1950872687&v=2.0 77.247.179.84
2023-02-02 19:57:11 +0000 0 - 0 - 2 ohadv.com/caign/camp.php 185.107.56.60


Last 5 reports on domain: wy5532.com
Date UQ / IDS / BL URL IP
2023-02-02 10:55:45 +0000 0 - 0 - 1 qwqee.1e534.tv.wy5532.com/ 37.48.65.148
2023-02-02 04:11:22 +0000 0 - 0 - 1 rhuugcf.wy5532.com/ 81.171.22.5
2023-02-02 02:43:33 +0000 0 - 0 - 3 2490b.zz.wy5532.com/ 37.48.65.149
2023-02-02 00:45:04 +0000 0 - 0 - 3 uyclvmqe.tt.wy5532.com/ 199.115.115.116
2023-02-02 00:17:09 +0000 0 - 0 - 3 1de74.moedcc.wy5532.com/ 81.171.22.5


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-03 10:36:27 +0000 0 - 0 - 1 meetamate.site/survey-dating.html 104.26.3.11
2023-02-03 05:45:06 +0000 0 - 2 - 0 8yy.youfindadate.top/dating-survey.html 188.114.97.1
2023-02-02 15:58:27 +0000 0 - 2 - 0 youfindadate.top/dating-survey.html 188.114.97.1
2023-01-29 20:24:20 +0000 0 - 2 - 0 b34.youfindadate.top/dating-survey.html 188.114.97.1
2023-01-29 16:09:01 +0000 0 - 2 - 0 146.youfindadate.top/dating-survey.html 104.21.50.238

JavaScript

Executed Scripts (28)

Executed Evals (1)
#1 JavaScript::Eval (size: 79) - SHA256: a2321807937374056adf2c36b8f106857bcb26cb943ebd7ae0f8c0d4db613f8a
(() => {
    const a = async
    function name() {};
    window['zxqkgrialf'] = true;
})()

Executed Writes (1)
#1 JavaScript::Write (size: 4) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0
2022


HTTP Transactions (73)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: rerew.5e7d2.fw.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=1f87013e-742a-11ed-a5e9-342bcf6faece
Upgrade-Insecure-Requests: 1

search
                                         81.171.22.5
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 486
date: Mon, 05 Dec 2022 00:07:37 GMT
server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (486), with no line terminators
Size:   486
Md5:    bcbf294e223c3cbf692a4fbfa6774349
Sha1:   4f70fea2f129ef0e3aca3091f30fe4bf0cc6f85e
Sha256: 0b3d4591d3f24c3a09dd1ab7900b31d9a9c617d34c7449cc91a55e07fe9f31a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3218
Expires: Mon, 05 Dec 2022 01:01:15 GMT
Date: Mon, 05 Dec 2022 00:07:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 940
Cache-Control: max-age=124760
Date: Mon, 05 Dec 2022 00:07:37 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:46:57 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 23:18:25 GMT
cache-control: public,max-age=3600
age: 2952
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9504
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Mon, 05 Dec 2022 00:07:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: y3q18wBmC60OjKQE0Z19JHkxaJG0P+/bCk9+DPBp9jYdaJzKbN0C5mER06Y7fQa/pTeMjznt0LsLE6OPuZT8kg==
x-amz-request-id: TYYBB1G7T0Y39V6Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:45 GMT
age: 1192
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Dec 2022 00:07:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: rerew.5e7d2.fw.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerew.5e7d2.fw.wy5532.com/
Cookie: sid=1f87013e-742a-11ed-a5e9-342bcf6faece

search
                                         81.171.22.5
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 05 Dec 2022 00:07:38 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 23:11:19 GMT
cache-control: public,max-age=3600
age: 3379
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDIwNjA1NywiaWF0IjoxNjcwMTk4ODU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21ycTBvOG10Z3FxdHJyZGMwcW43azMiLCJuYmYiOjE2NzAxOTg4NTcsInRzIjoxNjcwMTk4ODU3NTUzMDEzfQ.wfcN9C_Qala0xf8gCmFm7_bcRqWjYXms9b8ZtpVwUs4&sid=1f87013e-742a-11ed-a5e9-342bcf6faece HTTP/1.1 
Host: rerew.5e7d2.fw.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerew.5e7d2.fw.wy5532.com/
Cookie: sid=1f87013e-742a-11ed-a5e9-342bcf6faece
Upgrade-Insecure-Requests: 1

search
                                         81.171.22.5
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 05 Dec 2022 00:07:38 GMT
location: http://belia-glp.com/zcvisitor/d3e11835-7430-11ed-98f0-1291aed6fbd9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
server: nginx
set-cookie: sid=1f87013e-742a-11ed-a5e9-342bcf6faece; path=/; domain=.wy5532.com; expires=Sat, 23 Dec 2090 03:21:45 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 925
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 00:07:38 GMT
Etag: "638c632b-1d7"
Last-Modified: Sun, 04 Dec 2022 23:52:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /zcvisitor/d3e11835-7430-11ed-98f0-1291aed6fbd9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97 HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rerew.5e7d2.fw.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:07:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: fOQAhZAG


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1098
Md5:    8f9e53741f48d9ed914690cafed7b9f4
Sha1:   6189dd132663be41bf817286deef164ac7703a27
Sha256: e7e883f510f30f313ba5035214868da2eb7e046bee1f05843df0987b80397c76
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3Qb7QhpK9ZzFtsT3wtCb0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         100.20.30.105
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TBEKSRLzAOFlbjjNXH/CwJyEtkU=

                                        
                                            GET /zcredirect?visitid=d3e11835-7430-11ed-98f0-1291aed6fbd9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcvisitor/d3e11835-7430-11ed-98f0-1291aed6fbd9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:07:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: VapajXGC


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   426
Md5:    104a2f14892e426a4787dfbb3fb92be2
Sha1:   b262afbb6d3de2841b4d716edbeed186faf469b1
Sha256: 690de3ff202e994cdf8dec9a992c6785aa30fd95c35d7395270a229f66677a29
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcredirect?visitid=d3e11835-7430-11ed-98f0-1291aed6fbd9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.212.50.125
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Mon, 05 Dec 2022 00:07:39 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: BvvRxpog


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:07:39 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:26:18 GMT
Expires: Fri, 09 Dec 2022 02:26:17 GMT
Etag: "2261d9748610ab7553b6e71e750d2b6404cf225e"
Cache-Control: max-age=353317,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77488af4bd181bfa-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:07:39 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:26:18 GMT
Expires: Fri, 09 Dec 2022 02:26:17 GMT
Etag: "2261d9748610ab7553b6e71e750d2b6404cf225e"
Cache-Control: max-age=353317,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77488af72e751bfa-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImI1YjY0ZGExLTYwZDYtNGFjYi05NTAxLTk0MGRlZDA3YTZkZToyNWFlZjZlMjQ1YjAxODQ1ZGJkYTViYjVkNWE2ZDA3OGJkOTA0MGYyIn0= HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         216.58.211.16
HTTP/2 200 OK
content-type: text/html
                                        
x-guploader-uploadid: ADPycdtSZ3sL67i3DGI8Q-2QeYZPqKUUMaXg_kK17L9rV0MmsvLRar_U6oUozSrq1E3o9ml8dnzcp5xgvWIacSQU7IpGbg
expires: Mon, 05 Dec 2022 01:07:39 GMT
date: Mon, 05 Dec 2022 00:07:39 GMT
cache-control: public, max-age=3600
last-modified: Mon, 10 Jun 2019 16:09:51 GMT
etag: "54f99c9e98a5b4f17b219e94417e6d2f"
x-goog-generation: 1560182991115409
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1357
x-goog-hash: crc32c=+7k9hA==, md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1357
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1357
Md5:    54f99c9e98a5b4f17b219e94417e6d2f
Sha1:   80247746ede724755155d0aa8c0082c8b00542bf
Sha256: c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634
                                        
                                            GET /api/v1/click/confirm.js?data=gAAAAABjjTZLl_OwGW674S7NYsrdRQnJ6KMfyD2k2hgiErQ5w9GUVFSVkRN86WbGW-sQoDsBWa9GbMPW21Fu9FgBGqXk1gZbaJpeGyYxvlBY8nK_6csAEjcVKV2jNmFS-eihBxCpYoboE98AxseLVg2gtBMM9IYz82kzuDPF_Pkj2gvndnAqG1C1oHGyi-c2ojN2kgf83y6ZLka2jlGyfWRdsHkF7RlBXZbLnpCIgF1phTMRTAq-qImlLAimwES84u8WBaI98JrV4lc8NNA1mK8N6D6h1WsQwdnazTV8sH_QgDshUurOuzlUwM-I34iqYfnvUdo34gsDyoZEL6ihhWc-5olH_Aeeg-SnziYnWCaTgGfo1ut3c6liNXszZ2vrWQq1wSNkqrHTqbJdK5zAp0lD34ABOwMY9z7wDp0_H3Jvrw65mEC2FysAbBvh-ZpMURYDhLscHmD88Rxzi5ff36PnIpNZwyj4sSKzq4TccyN4F5-CeCV8fbBqkKF_hs9aSAkC25pSeVcULQJBuzs3wWVaSq-zleoKmtifqbuo8pCMvy0dPcPKxN9JOiHrfUEJXRVBJwEGf3BGW4tMZybdcCbNqUBKmPOESUfpzcSQSsmEUtFxapwFCaZKGPD6ksMS5kG8tQBo8GIrOcxm7vtRPEGFwi3S28SAQkRj7WIVPJWmlFM6_2CZZEYcMSi-AMbTnTH2BDKKgWQnLetX-B--p-jiZ6Ry56P7n3-syiREsarqZoyUgDGIzT6lzcY5n9-YVn6q7TVs2TidfjHVkLy1Mn-C561Qw2OuP375H8IrV3JH-fQYt_gBJziqhpu2fXBUQqOo9FYN2FiLSnFhCex64ziFpjpbTF_BrOGU0txRJt1xzpvKpfgKXBgXBZR5EF5GdBEW-vke6BXo29-qDmKjzQRvX8wd79KGKzeR4MUTV3EDsLvTQ98_jEoIhpI8GtGQUWAhrNKu9tkKI9WKR_prLGkXtJVnxl9e8gICq3FUnTV1NRPXsU3zR8SB6PlT4P5Ry_56qnOcMQ-HE3EOVBPFGeyTO6f21P5hdi_-Yx8L6mP_bOTFrDy4uZX3suhlYAialbrAhmuiTt7TO_jCrwD25TrvmmfUpTe_NLuuPNUdQDyW3B_T5g60B9PCEMBQ5eMTDtI6_6aHM77qzKsnNLq3h_Nq2nSRz3wOiGRQ92ZgGV1iUSm8xCBqZBZucl5iyYgzEwWImYS4GmJuJq1RFE9x3T5X47uT7ZfKyoY6A4Bbkdh-DaiCZR6EhMcUiDxFIVbv5E_c-DnCdYK1WKHKGj_0F5LGMWnAteFk2TZ0CC_Lk-0984RzXPE_EjdnhIgQUk_vghwOtiyo4i3cRTHPVTfjl7WrmzCtN84P1LCdLSI-DiEY5dsizYegACDQ6XVz3IVoWQyURLLDqleF7N2PWx6cThv8tVISxseVeo4IF0A3cL_dfPdUELM_3pGXKVujJPFJCleDkANuoLqqAOraPmSOPhYu6OILWdqhgZxkZtK6ACEsyMY3jegz8Rc0mKcgQzVWLyeWCPlKD9gEAwTn3dtiijMbDg81a_Ax_uTdzxMLQcIbUpAdDbIvKs4UZmnYwxSB7DzNbs2ab9oPteCX5iwxZR2eKOvANJ8rtSUt-NHiVWJv6i6ZBggT0ZyV-W4QYi2_9LxkW_C18I67YOTxrEflXFTq1O5EBXVlb3u_eL49m3MuaCaAghDuk0KvRwNAf6lzCJyZnFDQ9Tw09ROwRrBqThPoZFYGjWjDfWQDnUB8VusOhR6ZRee5WoOtHPO3lAoZNIG5FBtYbKsMWU3K5T7-KywU7SLWOFPNuTCceWzk0VOI5ZVLfvTlq4WpOJ6FwScur2QFesMHZerhlu9fMo2VEtyHpQfP4k0B7-f3nFmYqis-U4i2nQI6ZHKTZhumHnvnSXSGuSfAe6d09RngnGacHpVYs7puqqOn2bm6oDfPmu_pmWspBeDwLesFGtYmacuA0jZuN43h-BLcLrSQXXj1PfyU_gPeoSUbzy1XmFQxujZVv2si5yr9cyZlDU0Ociut0mFCVacnuyzwNAtQAtnKf9sXm1sgPQyBt5wKgqc1P-CXlz0swoydcS6U2dGveMc05aiQ8HffRiCoDw_jJ44U4y9T3rm0vgP34Sq6EtjEZ_7e71zOuvMWWXfGSFePpSacp2UWvWQwwL5RLFO3J4RgpJdPxNzf-uE9XqO8p5k4CQZ9ZlnGEsKzB2e-_hbiyw4pJczZgJ7kds99B2mutWK2GB_Vm0dBeHYjN3VBFiztgBmWd2xYEV86WFMWcn5ibsljc2d5byLqC_PYecW3RqeElyuLQ_jxLTd-nx3iH_yKLhsVPzYrbD0-1bCXJILilfgpQxUrjTBFEAHHa_z7Va-YDJT-kZ9sosqqINDtoZSnN5ky4dL6ZFHoKegacd2c0OFuTr-kALmArCVB8RcRaW5zy1lLhvaYllFOpmi4s29HbkUrV9AeXrI02hZtBoqdrigaBtkkLx0GYr5oYML74Y5SBaaJErdq-bnx19x8DvNH7Jv5LF1FnresHF8psUZVQX28PDZ8lTtZkRg1_4shMN0h9lVBXyrUso2H2Q%3D%3D HTTP/1.1 
Host: 1865e08ae4.smapp.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=romeo-sic-vqpeyj59e3
Cookie: cx_ntsl_i=592d64d2-37b0-4ec8-927e-fbb5c513c121; instal-cookie="2|1:0|10:1670198859|13:instal-cookie|124:eyIzMjQ0NjgwIjogImI1YjY0ZGExLTYwZDYtNGFjYi05NTAxLTk0MGRlZDA3YTZkZToyNWFlZjZlMjQ1YjAxODQ1ZGJkYTViYjVkNWE2ZDA3OGJkOTA0MGYyIn0=|947493344c5bfa33505ab140587eec176d1147cf3557697be7e88ff76ec3594f"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.186.250.143
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 0
server: TornadoServer/5.1.1
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/d4df7c721715d3197d35.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 33816
cf-bgj: h2pri
etag: "6389ea60-8418"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIT0MuUkSt3ipQbWGzLqfrj76vZD9QBrOwQzEiaLabofjXC%2Fs%2FsFGSIg4011X7isfTkXP2sDnCv9M0S3LAFagBBMisWdi6SfhaYD5rQW873mj6GoJfzmZLfNRuNMfrt8qA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b85b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x499, components 3\012- data
Size:   33816
Md5:    785457fd7f81715119251bcf4c1a8f56
Sha1:   66cbede5b601e6d0857441c939e9798493e812c2
Sha256: 32bfa591e8f2fb193889b21a3ec397e4029a5eeb22b4f1a718b056978013580c
                                        
                                            GET /assets/06c49b18302a6f35f315.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 20712
cf-bgj: h2pri
etag: "6389ea60-50e8"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLw2wFFxmN4Bk0y%2BOh1TcNSHF%2BkG0tVraf0F1aa9m8JRnFpcChu1vUnjI0n7sZwnC02%2BGz%2BVF2NDgwYzROtYXkOmDoBI8uPJlVUl8MnpTYxjuN7JLZx4uQ8FZzuYSnuNL1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b87b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x375, components 3\012- data
Size:   20712
Md5:    0d0464ad4924d5189707d2508a818e37
Sha1:   d40c4e3dcaeaaae3eb66d3ca096f8569c4605e21
Sha256: d8b8c213ff1fcd97e0cbb4ec056712bfed39405c65a20135135328b5ad1104af
                                        
                                            GET /assets/0e8214b6a04a80b2ed65.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 118495
cf-bgj: h2pri
etag: "6389ea60-1cedf"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGpQaOF0thdUPw%2FQA09iRHiq%2Bnea6pmEbSHlx6CnmKEDGfcFneocTAUw5ngiaCjzPPOMrXqhtjq2RwTeSjMQ4%2F9bfODKrWbo5xtkX8NHMUTmr8TcW44ZWIRrf%2FwruNY4iGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b8cb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 507 x 500, 8-bit colormap, non-interlaced\012- data
Size:   118495
Md5:    fafd80f19f1c7b5806ec7f6935872cb4
Sha1:   d8c6a473659ac0ba5472bcdfa4b7dab91470ed07
Sha256: e65ad8065b9444d3881bb4d2fdd160f90f1babeb7a0f712f288a77aeef18ad87
                                        
                                            GET /js/v-utils.js.bccc969f.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
cf-polished: origSize=8634
etag: W/"6389ea60-21ba"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usiU%2FkW%2FupwB0k%2BMOfsmz38ZQKofcRqE74kldmYw5GdnqseYYKembfS%2F4LMXt%2FI2rcaB8bMRMS4F%2Fox94yrdDBXnmOnN%2Bw4lAIzYQWP1F37jPq01vfZ8yctQyJGk0oMkB2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa1b7ab524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8631), with no line terminators
Size:   3961
Md5:    58b4de51d7deb64ba40c217295c67d92
Sha1:   0be7c7ae01dafaa3df97c952be583b84fadab106
Sha256: beba19620c09b110a5972dafa180ab18128738d69dd2ca0d84691110a76d495a
                                        
                                            GET /assets/2c7be58264048611fef5.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 1574
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: "6389ea60-626"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeNnJDKEXNnh9epWJEW16G8o9o7DDpqWAicZ%2BilUmubckphRiZ8E1LagTg%2BueaT3ecdogBYn7yEfXUvnHw1qMIfMDF8WrJo6FxvIga8OyrjKUrxvH%2F%2Fpn8YZI1njdkn1ku8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b84b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 61 x 98, 8-bit colormap, non-interlaced\012- data
Size:   1574
Md5:    214628994adff396733825e7b9778ad8
Sha1:   cfcdb02dd750c2c56ce0df960f032865d0315d24
Sha256: 072083cb6a8af8fdfad3087d4aafe1fbb1ef96c4863dc53d9f1483ce83937dfb
                                        
                                            GET /assets/032bcaf74c0de2c93c8e.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 33612
cf-bgj: h2pri
etag: "6389ea60-834c"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLJ385CpMPye7rZRZck%2FYYt2bNVhtPOUlpufv2oHo2o5EUIGCWHVuEeDW1qWYgjf2pjlwzmmaBBFoGMc2M%2BWeUwOwfWuslGqXe650xdgZVddU9mPayInPRwUBsp%2FY6pF5LA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b82b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x390, components 3\012- data
Size:   33612
Md5:    e38526805379a23a1bcfefabf38befa2
Sha1:   afe5306e0df615f7238ad8fe41b33ecd38c10fd7
Sha256: 999863c911c86160c1f2721524580942426d157547b36985f643aeea0dab4aa1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3760
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Mon, 05 Dec 2022 00:07:39 GMT
Connection: keep-alive

                                        
                                            GET /assets/47ae6a5ba10cda2c9e0b.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 20958
cf-bgj: h2pri
etag: "6389ea60-51de"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36xY9fBNXO%2FYoG6alMhuiTd6tFL9oZTEB2pVudrND3SgGNnnNMNJ6qv8GtAU0OYyNxwRBqedvcBD2oFln%2BidpcWcq1ZluwHj0Q2HICUyqsMfcKWvZtQFtlJhAne8n7lTvbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b88b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Size:   20958
Md5:    56b1d087e07bfce17502f3d15a29599d
Sha1:   1a3fdece929142b64a427a813298a4278f9c9a3b
Sha256: 06bda10f4f886bd1dc58e72919dce1d5ef8395a9103cc719c333088ae7cf6677
                                        
                                            GET /assets/848c59c46246f7f3cae9.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 12409
cf-bgj: h2pri
etag: "6389ea60-3079"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyKq71ybHGAQxWdodpLpsQ6z%2FZ2hgFQLb5wNKozPBCnLCaAU8ZEwows8zSNXpUzj7DZiFwmPPdFlDicp0Q0ry%2FYchW6ZJFMPwxOm94P0w7dzH47wf0NAAFdn%2FkRly%2FKl6CA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b89b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 360x241, components 3\012- data
Size:   12409
Md5:    147a131b97e24b606548d78e8fa56e63
Sha1:   b746629c163d2cc3f3ac1d81b9bed35e682e85fc
Sha256: 10e26b8306c1bc3958e6b243fa4dd0aae70c197f460a9eec192dff846ba8aeaa
                                        
                                            GET /assets/1418d3d54dbb9471fdf4.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 54789
cf-bgj: h2pri
etag: "6389ea60-d605"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBQ3NcGFUe3VhbN9vtkxv5R7YBEIDcgZ8oWB9AgLnZ6YHhDUGketEWnnLOYsLv%2BDR7g6u2w6amY%2FwnmeG%2BUYCGeL8qRBtSY%2BtB6G4WuI0ZEc5FX0TVHIZsMU8yZY4Zgm28o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b8ab524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 554x414, components 3\012- data
Size:   54789
Md5:    6d4697c58b5ca314ed5e18bd8ca6b9ce
Sha1:   2a6e9b8a93d359dd492fb3cfbb2bd768c28aa6cb
Sha256: 7d38705aa944831049bd714c99d3912f3528c27c5bbdac5bbd6fdcabef869bfa
                                        
                                            GET /assets/56d040d1d8bf3bf21d63.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
content-length: 55200
cf-bgj: h2pri
etag: "6389ea60-d7a0"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foLbWwLcnDtvpUHnzjtwb%2Bi6deYTjaihRyWAdHpA1Jw0ioQ5KadQvdxsu6pPw%2BmZranltk3JUl9YRtwM7kAiPs1zmaQD6pQ6R5EMajxgD257LsHH587FzCwkCZ5by0zSiJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b8eb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x620, components 3\012- data
Size:   55200
Md5:    9ddc7b6cb356a6d2e99eed41cc1734de
Sha1:   e1da98ccc6c5198d528384dcf0796de766475488
Sha256: b80543c059b42b12ff905047b8a8f5d6f4b676febb7edc65aa602e64248dd837
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:46 GMT
age: 74753
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    50eeb012f0903f0848c8afcd6b26a7ec
Sha1:   ff7740d3c12ce7ab23291272221c0d9503f9c139
Sha256: f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
                                        
                                            GET /js/each-land-config.073c5358.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
cf-polished: origSize=66699
etag: W/"6389ea60-1048b"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6PYVY9%2FeXcN5fxd3nmcA8qUzlxCQP3t4a6p17n%2BcRWsys5eEoAjG8xl1%2FhRBBP%2FYhhqoVZh7eTBcIfspBc5KWhs0m3dP8n2%2FHfr79BjUNgD%2Bd7Zwk8ql83SagfM18A5jL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b7eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   20924
Md5:    405781deeb4c9b5a523e5437097b5a64
Sha1:   59bafa3a7dcb9aac59bdda00317c7f96c26cd388
Sha256: cb900e9f95ad1bb6753738f27184532f85420cd38d767b1b195fb39086078317
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 71438
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12348
Md5:    b8e6f84dff61fedd8ff9baa9bb648883
Sha1:   f8d5cc7b315879b66a11b403463da1330617d2fa
Sha256: 025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3760
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Mon, 05 Dec 2022 00:07:39 GMT
Connection: keep-alive

                                        
                                            GET /js/_global-config-sd.aaec924a.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-16d"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHlaQdKwj%2Fg%2FXYFlJYuPx8KvgL4MeoBRNMkN7%2BxjSk8tUYoqke2Hsp64nHdnEHqVW5NrLkr%2F4XEoN6KLjMNXBIgfklxE7zIcHf3%2FzBo9J92OrgxanAxQcGJwGbs4M2c12%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa1b76b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (365), with no line terminators
Size:   773
Md5:    adcaf1d6ae86d42dedad2dc5095eb6d7
Sha1:   ab73cd0f73777b0d81cb56982eaf4e374ad9d227
Sha256: be35e113c9d9b0d9d5f48403d8ee11e2042a91f0540fbc990c8c4153b4bdde60
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vhtd0Bo5kTQySEn0vD_RJin0usoC7GQvK74fhVtrtZNEy64_vrWQNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 8513
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10183
Md5:    99d1ff8fa2e095dcf2bda3d1e1af1221
Sha1:   f914f04a0e1fb45a221d31d2105bfc73015b03e6
Sha256: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8QEt6AHIT6gkW2X3RUuu1-K3lPlgjio-cckhiwppWK7vujPlBHrG7Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 18:59:33 GMT
age: 18486
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10031
Md5:    bb029b41d342a82250aef6d6f713be6e
Sha1:   cd754bb6094d2e456b95dce8daace45a0de8a121
Sha256: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XGO_QToLjgti1g7xU6jnUNtcyzzQZtc5pGmHqrtt6zD2dlVAN2BfQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 8365
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3707
Md5:    d7bde76a4dbab17f37747e7da55ad924
Sha1:   56ee7aa6cf94570b1218ef6e767a7036d0b8900f
Sha256: bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
                                        
                                            GET /assets/cee98b8342ccbf5e38ef.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findyourhalf.top/css/survey-dating.42775b4d.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 00:07:40 GMT
content-length: 52520
cf-bgj: h2pri
etag: "6389ea60-cd28"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd2%2FJ8grP2t63L%2F6%2BJ%2FzYul7Laqil3%2BUp1n0JKdsk7lFruoyhnUPytaSK7Oxu1O%2FgnuRLIj2WjvD0dxB496mpA3%2BWKSywarA%2FGpff5iMUyzcdd8%2F4%2Fz0%2B3NkBYV7FU8Z950%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afafc09b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 580x580, components 3\012- data
Size:   52520
Md5:    e995c62855e79bc0a572d8df717e70b9
Sha1:   e41bf68cfa6bc8a5edcd48cfa20fec6df4a9e494
Sha256: 679a6ed56604e14b1f0d997c72c7252dfc472e48c0b8049fde01513c120475bc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5976
Expires: Mon, 05 Dec 2022 01:47:16 GMT
Date: Mon, 05 Dec 2022 00:07:40 GMT
Connection: keep-alive

                                        
                                            GET /js/v-FormData.js.d78db025.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-bf"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPVVq1VzuEHH8tubU1EKTEnCb7q8J5uUwVPRavnqEIz6N15Wn15UVm%2BtgjXfUhZfKhGImbS512K%2F9UE9jItKcw9VJnlW52OFbxvfveD%2FZZIolF8zoavNQkamDFRoLmHPUMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa1b7bb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   194
Md5:    3f94035dc4f2282c4c41003ab164fecb
Sha1:   48adbfc51710f80db7ab50b160fc2d87679e1954
Sha256: 70a052788c203e13aba2398301d2c3ee45c325d6058e02c8b720881147fd28d9
                                        
                                            GET /js/v-react-dom.production.min.js.088acd9e.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-1f8c5"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfeZX%2FUox7Zpc4eiEkq%2FIzZQFJhZrzPQGQFv76zhVTwdH2%2BRt0QZQFIP%2B04Av9nnNVKc2bQchX3LeUUl6AK84dZt5NlGcdTTjVri8ZY%2FF%2BEQiHfS1QhR8oXuSfO3U7J1izw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa3b95b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   66880
Md5:    eaaf313ea8a17a79ab858cfacda7a7ac
Sha1:   60a63edbb06fb82be4dfb9789171532547fa9b1c
Sha256: 3414b3f9e36e14dc1b628f4b9a2e48976d7a76c2da85f5b653ac17991cd05100
                                        
                                            GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_2456&ymid=b5b64da1-60d6-4acb-9501-940ded07a6de%3A25aef6e245b01845dbda5bb5d5a6d078bd9040f2&utm_campaign=6100_2456&utm_medium=4655142&utm_content=zd_public_v2 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/html
                                        
date: Mon, 05 Dec 2022 00:07:40 GMT
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQnWZg2I8%2FSquqI%2BTlVdEDtQoeRUaSHow2fEW3Fu5CUXW3zEh0wsFomwo9WGBzOTPRRw4FdwW7AbDUTydlUu2mjZ4XNWpEVO52NEKvypOxrPBqp3cjJjMLacxbdEa5gNIYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afb9c84b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5130)
Size:   2814
Md5:    16940da44c2a50ed4862f224a218880b
Sha1:   80b118dbe57a259982050208c42d004dfd206912
Sha256: 69e380dc067d0570f66bf3bc98019219d85ac7ee13afaf2555bf32870f7fec9f
                                        
                                            GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 05 Dec 2022 00:07:40 GMT
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkJrUDbbVrF4wA1NdFcSw2vE9WkRxXc%2B2%2BpXPMYxQd9zLzn0Q%2BWY8nzqF6ogI6U7WlW6EA3tUb8sAGBKB86aa%2FTWnRLczZfgIk2yu8bwvX0VG%2FpZaQ5CmRMJUoHrm3F20OE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afd7d9fb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text
Size:   5113
Md5:    6470c04b50c0b3af18dd9bdf70604fa8
Sha1:   9baca5f1f1345693a98b21b78df31b89414c8cb9
Sha256: cdee25662b8c3a669d90669ec7b49e545b36a8559d4c25d0161b86006ef42b6c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "FC9A4DCAF897CBBE6D4350AEAA7B99C286ED1B6ACBF2B2F9E01D5593732347A3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7101
Expires: Mon, 05 Dec 2022 02:06:01 GMT
Date: Mon, 05 Dec 2022 00:07:40 GMT
Connection: keep-alive

                                        
                                            GET /js/v-redux-toolkit.esm.js.9fdf478a.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-289c"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Blebki7SMGWbcfLl8xlUwmQEbmA0UkyZ1JqJa2mszgMv2uFaraCNxx7DGJv8XBc%2BlAFr52fwZGsyoMQddJnUMrI6jSQDs3c7gyPFWYpJZzIGBebnISayNToh3S2UXKahYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa3b97b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10396), with no line terminators
Size:   8869
Md5:    596b47c8415805b4ac9deb647097b0ae
Sha1:   a2369932ffdb0e600fb9763c6e307e16622752bd
Sha256: e2c23f796ad9ba5e84ee4cb635e4d559195d701f8063e427ab366d1deb481e5d
                                        
                                            GET /img/fav/heart-16.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 05 Dec 2022 00:07:40 GMT
content-length: 670
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: "6389ea60-29e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9QkhMSjk6AHUmDeFZneIgCVsY48sKIdju5kYqQ%2BtXAWZ34509ArYVqXo17jNv%2BQ%2FxQeB6G%2B0fekJgoGvkXNrfQax9wDDlVeNcJkzOQdRBpbCZtVbySSVyBUZjNLr66TcjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488aff4ebeb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   670
Md5:    161113cd0cedcbb5a4a76ef87c00b0ea
Sha1:   ec807c2867bd4ff3c3aef6ff966ae1648832591b
Sha256: df545a40f6092920cf46af4e124e550273bc0b9aaec5f137f3d03ba91aa02274
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:07:40 GMT
Content-Length: 939
Connection: keep-alive
Expires: Thu, 08 Dec 2022 20:34:37 GMT
ETag: "4906f0b7705b7f89ab94bd510b5cb43c0e702fce"
Last-Modified: Sun, 04 Dec 2022 20:34:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2672
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77488affcc93b50b-OSL

                                        
                                            GET /js/survey-dating.49c7fd2d.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-476"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxnvZsameeZkI%2BQ51CXaHyLPgz5dneq%2BWDGwFeV8RdfEbtT8wAU5dQTudIdRV1A0hqUGTMdeJ3U9Eb0YIkXIQL41%2F1iD25lgf5fzIqpVO4Q0FZPs1FJgxxCQ4mUxC8%2B8zoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa3b9cb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1142), with no line terminators
Size:   73728
Md5:    879a0ea115be28aae0867112820c2528
Sha1:   e60496750ebf6ef5edc7214d7ba2901881d940e7
Sha256: 236d8cf4a2e869ef51de246d40685df085193b97db37351357011ac39e8b9544
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:07:41 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=393335,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77488b006b321bfa-OSL

                                        
                                            GET /stattag.js HTTP/1.1 
Host: cdntechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.29.183
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:40 GMT
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6g5n9cO3zY0QqGC0Gr5k%2BeriMM8zqqS1hl1%2Ffw%2FHpLa7BSELlHufibo7T%2BBPyw%2B%2BCdeMjo81z9UiOMknqXLBkhCOTLvXmPWf%2BqcWW61jXssMft4ivNH0d6Y5MqGnPDVGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77488aff2a490b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12932), with no line terminators
Size:   5228
Md5:    facd649bca61eb6a9b402bbe69b8c2ca
Sha1:   b18e471c068424092c6229a91e7a54ed249c4009
Sha256: e6fbf372cb3d490808d84e5bfe761567d9fa60c3eb0f3882d97e6f9bda8c4100
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 8448
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /js/rtc.8ca42e15.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-29d4"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8CL8AAnz8u56FOICNEdpvCR2ebQLmeb9r753W3lQQJYU9L9kuQoV39O9lGxg5E3BJVv2VJuyyjGxDMIKAdmKKyRX1%2BkaAvTFPkbTd6CGnExdgGTpcnRCPUW3tcu%2F%2F9%2B%2Bq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa1b77b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10708), with no line terminators
Size:   5767
Md5:    11169071b6f4aafc98af0a86e406d6f5
Sha1:   7715ad311741ecabfce6511bead450644f107d8b
Sha256: 829c98fe074c3fd882ac45bf13076c13dc4d1fc39ed6fa82f787ed2eabc61da2
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A830530135%3Arqn%3A2%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C993%2C993%2C0%2C%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 78
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonUnique&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A840389943%3Arqn%3A3%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonStepChange&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A326133761%3Arqn%3A4%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A173%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A353640292%3Arqn%3A1%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C41%2C1%2C%2C0%2C%2C131%2C3%2C%2C%2C%2C271%3Aco%3A0%3Ans%3A1670198857600%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A173%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A353640292%3Arqn%3A1%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C41%2C1%2C%2C0%2C%2C131%2C3%2C%2C%2C%2C271%3Aco%3A0%3Ans%3A1670198857600%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
set-cookie: yabs-sid=986921641670198861; Path=/; SameSite=None; Secure i=n9ws+8xGz1bxKujfSeZpTCL7LKTz8riN7nzALXbU4CzVQ6MZfF275OUjAPXikAePmE7R0cKFYWX0LUuIeQs47wTa2OI=; Expires=Thu, 02-Dec-2032 00:07:31 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None yandexuid=442282831670198861; Expires=Tue, 05-Dec-2023 00:07:41 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=442282831670198861; Expires=Tue, 05-Dec-2023 00:07:41 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure ymex=1701734861.yc.1670198861#1701734861.yrts.1670198861#1701734861.yrtsi.1670198861; Expires=Tue, 05-Dec-2023 00:07:41 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A205461605%3Arqn%3A6%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A1039171625%3Arqn%3A9%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 384
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A567476340%3Arqn%3A8%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_2456%26ymid%3Db5b64da1-60d6-4acb-9501-940ded07a6de%253A25aef6e245b01845dbda5bb5d5a6d078bd9040f2%26utm_campaign%3D6100_2456%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670198861_b8e3be03657785abe3406573abf692f5a7d6d9cdf7ffa763d0f95e1a67f6dada&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1398952531273%3Ahid%3A339061835%3Az%3A0%3Ai%3A20221205000738%3Aet%3A1670198859%3Ac%3A1%3Arn%3A973554407%3Arqn%3A10%3Au%3A1670198859961557307%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670198857600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670198859%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Mon, 05 Dec 2022 00:07:41 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 00:07:41 GMT
last-modified: Mon, 05-Dec-2022 00:07:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /js/survey.6.27577dae.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
cf-polished: origSize=212504
etag: W/"6389ea60-33e18"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLBC8z0UZ9ewAuEb5hGb21vAdYkhJnZAKzjKOcvlt5rqquOdGrpprUhUdm4P9haedeJAinpqe2jNT92zUBAkePlX2wNbh1qFTp9YTAy%2BZpnCymXqlBjLxg%2FGzfRwAFjy98g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa3b99b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   57617
Md5:    a2924f22c9076fcff2f93d66a0023b43
Sha1:   d1a1344b7300ea86598382469608320a03d23492
Sha256: 8f52e2fb20bb830365a4ad13778148db586942c396e25467b0ff425e54a7361d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "03984146227D625939886E35A1ABEA7CC0A3FE9DCBF3371757FE9D00883D6CF7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9764
Expires: Mon, 05 Dec 2022 02:50:30 GMT
Date: Mon, 05 Dec 2022 00:07:46 GMT
Connection: keep-alive

                                        
                                            GET /js/v-_equalByTag.js.34ccca25.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-3a7"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JGhTpNmRa3I7qgO63ZrNsQcT0LYTEVMZ6bZ0R24sJA56bOSn7FUXU%2FEl1%2B58Q3Pzkeo5QCgJlufmjtBBDhc5F8C1%2FrXn54yO5hGHfeb%2Fi4rcc72vhTCwL49NdR8gvXHczY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b8fb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-_baseIsEqualDeep.js.55ec21e9.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-2d0"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdPkSapZ4UoA%2FMMnMupvvdyID9jAagYbKQmSTsbykbg00Bl6MoMI0sZUcDDo3MnAr5hq74p8TE2VXO9BtXh%2FS7jqoyzaxyStZ%2FSJuwn4HH9k6U52hmGPpkR6LISBDvfn1tA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b92b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/survey-dating.42775b4d.css HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
cf-polished: origSize=9365
etag: W/"6389ea60-2495"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLPXvVA6jEMQEasmf8KWyk%2F6gkuE4qelL4t5tiRXOycRvhNciO8wE8cp7QFvHJXZ4oSlOLnc8%2FCTf9yh29ck%2BXefupHQLUcdS%2F9rrlN9S5%2FUMsdjwjNHmA379RB5O4EPQCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b80b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_2456&ymid=b5b64da1-60d6-4acb-9501-940ded07a6de:25aef6e245b01845dbda5bb5d5a6d078bd9040f2 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/html
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tKdXqZHOSYdwZOlp21BGowXzdec0NaB2nMcxBVGnyMLvBV6T4kxfNddW6lV%2FMUq2AFt9eivvC7kXlzYfKDZ9krvwTOYdEn8R8QvuA%2FxT%2BukLcZtNt%2BNiwhVmGM3%2FkC6TNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488af94b03b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/survey.cd8123e3.css HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
cf-polished: origSize=19034
etag: W/"6389ea60-4a5a"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm1Hc%2BkNbqQePokjtSEv%2FcrIGyk%2F7pCaj1nBL0AE0tTz73F5Hvex3Wvtqrpp2%2B%2FJh1o%2Bkn%2BbRmrvJaOfqw%2BJSVvCmF2oP7wmc7ub2o189PyDGThEOGcOnZlHNuaCON7U9JY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa2b7fb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-index.js.99ba7c4d.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-9241"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOrKgsjKx45rbi8%2Bh25eNJS%2BzqyzxjeUI2ZM4Kv1iVsGMWnq5Y1g0h2kATH55bb6faMuccA%2FSgpwlv12FfZsHBX9UPO1%2FpbmFyM3ugS42iNvEqrAOCp1COdrMFNYKg3bmOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa1b79b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-URLSearchParams.js.f8f87c95.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.14.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
cf-bgj: minify
etag: W/"6389ea60-dc"
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBGz%2FrjNFd03%2BUllN1jiiyLdt7ZDTKn5b4cgAg%2FxMmvog%2Fq50uHD0Mcg4RJN78vTvodjb3zNLdHGur1if9lGMOSGMoN195tOTH0X7G05Wo9FcaZv%2BOR3W%2BIwrtiPt9I2g9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77488afa1b7db524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=romeo-sic-vqpeyj59e3 HTTP/1.1 
Host: 1865e08ae4.smapp.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belia-glp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.186.250.143
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 00:07:39 GMT
server: TornadoServer/5.1.1
clickid: b5b64da1-60d6-4acb-9501-940ded07a6de:25aef6e245b01845dbda5bb5d5a6d078bd9040f2
x-service-version: 2.0.1
x-frame-options: SAMEORIGIN
etag: W/"2dbf4e46ccc9727381a7f8f6f65a437675e1c3c6"
set-cookie: cx_ntsl_i=592d64d2-37b0-4ec8-927e-fbb5c513c121; expires=Tue, 01 Dec 2037 00:07:39 GMT; Path=/ instal-cookie="2|1:0|10:1670198859|13:instal-cookie|124:eyIzMjQ0NjgwIjogImI1YjY0ZGExLTYwZDYtNGFjYi05NTAxLTk0MGRlZDA3YTZkZToyNWFlZjZlMjQ1YjAxODQ1ZGJkYTViYjVkNWE2ZDA3OGJkOTA0MGYyIn0=|947493344c5bfa33505ab140587eec176d1147cf3557697be7e88ff76ec3594f"; expires=Wed, 04 Jan 2023 00:07:39 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---