urlscan.io logo urlscan.io
SecurityTrails logo

onehalf.agency Open in urlscan Pro
52.223.52.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://onehalf.agency/?ref=lapaninja
Submission: On October 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 31 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is onehalf.agency.
TLS certificate: Issued by R3 on October 1st 2023. Valid for: 3 months.
This is the only time onehalf.agency was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
onehalf.agency
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2600:9000:2490:2600:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    108.156.60.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-67.ams1.r.cloudfront.net
events.framer.com
9    2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2104:600:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.framerstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:214f:9a00:10:9b9d:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
framer.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
tally.so
Apex Domain
Subdomains		 Transfer
11 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 87079
402 KB
9 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
73 KB
4 framer.com
events.framer.com — Cisco Umbrella Rank: 105813
framer.com — Cisco Umbrella Rank: 89318
13 KB
3 gstatic.com
fonts.gstatic.com
46 KB
1 tally.so
tally.so — Cisco Umbrella Rank: 113334
10 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
253 B
1 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 148249
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
90 KB
1 onehalf.agency
onehalf.agency
28 KB
31 9
Domain Requested by
11 framerusercontent.com onehalf.agency
framerusercontent.com
9 i.ytimg.com onehalf.agency
3 fonts.gstatic.com onehalf.agency
3 events.framer.com onehalf.agency
events.framer.com
1 tally.so onehalf.agency
1 framer.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 app.framerstatic.com onehalf.agency
1 www.googletagmanager.com onehalf.agency
1 onehalf.agency
31 10

This site contains links to these domains. Also see Links.

Domain
olvy.co
atlan.com
culrs.com
www.moneytap.com
Subject Issuer Validity Valid
onehalf.agency
R3		 2023-10-01 -
2023-12-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-02-15		 a year crt.sh
events.framer.com
Amazon RSA 2048 M01		 2023-04-26 -
2024-05-23		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
framerstatic.com
Amazon RSA 2048 M01		 2023-02-23 -
2023-12-21		 10 months crt.sh
tally.so
GTS CA 1P5		 2023-08-31 -
2023-11-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://onehalf.agency/?ref=lapaninja
Frame ID: 002C7D8A6050CF7EDE0D66AA914585FA
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OneHalf - Creative Video Production Agency for Startups

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

97 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

683 kB
Transfer

1900 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://framer.com/m/feather-icons/play.js@0.0.29 HTTP 302
  • https://framerusercontent.com/modules/p8uqoHLKT83nbfUYB1kZ/C4LE1L7dNmr7XSmgYErz/play.js

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onehalf.agency/ 		231 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/b880b22 /
Resource Hash
3692caa1bc08bb7560a5e6c45a231a1aea7abd7bd658d99f61340eb497c8bd7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
28574
content-type
text/html
date
Sun, 08 Oct 2023 15:22:07 GMT
etag
"67d66ae80ae49da4978a84374dac7ca1"
last-modified
Fri, 02 Jun 2023 07:36:17 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/b880b22
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="b880b22"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LF6WXTGKRH
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfacedfaf5732044e82a9fc17414ef0a2142048ed1097356134a605cb8e5eb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91385
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 08 Oct 2023 15:22:08 GMT
dh3srC5sRNfijQz1Rzoy73qn1c~lalHdU65LZQmitYFDiIBQsO3YeGCVFDyINN8foqSL3M.otf
framerusercontent.com/modules/assets/ 		120 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/assets/dh3srC5sRNfijQz1Rzoy73qn1c~lalHdU65LZQmitYFDiIBQsO3YeGCVFDyINN8foqSL3M.otf
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8099a2e52c2f8b1eb1451b62f2be202773cea289ada8dacc56bf926e69cd7aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 11:29:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2260373
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
123284
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept
x-amz-cf-id
Y_sjuzLqsPREcQJ7u-9T3FJMVaL8OOA0m02yhM6rYaUIgC7w3wE-iA==
chunk-BGLNMPAB.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		133 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/chunk-BGLNMPAB.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b68a86bb9b6d9547d93b14dba21f8cf86a000a819210721ee30ab70720f69080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 07:42:08 GMT
x-amz-version-id
KALYhA6JjxuLU0a1SoYoVHlhMek7xwk9
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
11086801
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 07:36:16 GMT
server
CloudFront
etag
W/"5b0f941be577612930ea88fddef1d4cc"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
NDj2DFMhS8Y0AOzdW8QmF_mmXpq_N7kVoljUwLMj7H_mvbXkK2pq2w==
chunk-C73GQMHW.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		378 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/chunk-C73GQMHW.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bb304cbea59579dfa8753064e9cb752590029d0df3ee9d282f22cc25631d4094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 07:42:08 GMT
x-amz-version-id
Am3BXqJqLPk4tz96zt9eoA9yWVckyf62
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
11086801
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 07:36:16 GMT
server
CloudFront
etag
W/"4693b5bf00046e2eacf6b8f8f5df9c02"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
cFnhtDo8s2ZzIR5gYgiVwApcDb57P8ZgCG9hUXQrq0hlFkD64sEnLg==
chunk-OIST4OYN.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		454 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/chunk-OIST4OYN.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:25:12 GMT
x-amz-version-id
tOhSdsdKotl181.N6JlqkO8rktWXvwQK
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
11494617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
454
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Apr 2023 20:02:57 GMT
server
CloudFront
etag
"8af81548ac68e6596fe9853138d19471"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
Rzk99eGXp40ymh-4dCJKNllxCn2uWdE5XMkzbEQ2ul-_0o4DBhspRg==
AKdY3x17DyxtMDxkdsamYgOkdIZ1vZjyh_HLIn-lmqU.NKKPH7YJ.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		452 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/AKdY3x17DyxtMDxkdsamYgOkdIZ1vZjyh_HLIn-lmqU.NKKPH7YJ.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c7e4e1db18854fbf1583b73971446ca6094a6e69b1a8cfb20ffe5ca43f80c351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 07:42:09 GMT
x-amz-version-id
PthRG8.ZNH4sNj0yo7zR498H0w8xu0qs
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
11086800
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 07:36:16 GMT
server
CloudFront
etag
W/"4fbef12b6a7c449ce5c7e6358aad2c88"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
zdojMl5NH58jylWfymKSQSu-UwCC_R8BNGFb8hu-sXR6szSlL71U5A==
chunk-RE74WJPN.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		917 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/chunk-RE74WJPN.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
158eeb06ef9e6a1476df78f3bb4bec2a8aa8f26f999e068ae00adc2153fdf5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:25:12 GMT
x-amz-version-id
dmWMEgR1giZKl42JL9l51RZVEHt1Gwsg
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
11494617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
917
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Apr 2023 20:02:57 GMT
server
CloudFront
etag
"6abc89e022a6ae41661db210220e0c97"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
6eYP6AmlbjDhj3RUBlccMJKTfTEXnhkAdclHj9scLtxttdRUXy-P9A==
chunk-L4JPYS2H.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		743 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/chunk-L4JPYS2H.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fe55049827324400de90ac79776415be6a5eabaaccbb1517747389a9066877c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 07:42:10 GMT
x-amz-version-id
c4lQ.cBGy0CvwKyONWHUVhmYBGzMNXzu
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
11086799
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
743
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 07:36:16 GMT
server
CloudFront
etag
"d6b22a08d2d3204e1ba740e9ef280871"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
107nSqLMnlUiOckhhrOJaWe8nDS8xDQHDTxBuJla3C2mTrAhBriIkg==
script
events.framer.com/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-67.ams1.r.cloudfront.net
Software
/
Resource Hash
1b26194d3439f7fa15c917e63e07eccf05d7f1bc92a0986afdd4c9a864f1fd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:08 GMT
via
1.1 80779e7124f8d44ce2216c35ac5328a8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
12512
x-amz-cf-pop
AMS1-P2
x-amzn-trace-id
Root=1-6522c920-2c47c36148e639f81ebb857c
x-amzn-requestid
f18b6dc6-b87c-45bf-a20e-c6e3be6ef072
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Sun, 08 Oct 2023 15:21:47 GMT
x-amz-apigw-id
MfRdME4oIAMFxCA=
content-length
12512
x-amz-cf-id
qZ6M4SaGhredh6Ruds-8sBai07IVzIGSCpccCi7TUmyXezmSzpzHwg==
_script0.AF47DXLU.mjs
framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/_script0.AF47DXLU.mjs
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1745c133f758ec2826f82770fc25f1dfa637a24e1c9458f648e90a6b8755eca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 07:42:07 GMT
x-amz-version-id
CWXhOlMk4xtCi01QT6F0l7HXn.0GYNEL
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
11086802
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 07:36:16 GMT
server
CloudFront
etag
W/"e370a5c51a1cc0a62e2230c01f5e755f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
WCgN0bGCYmy_z58y_IsncghJNHohwJPgkuO3ajjUs4dV8du0dywAKQ==
sddefault.webp
i.ytimg.com/vi_webp/NieEN-o86i8/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/NieEN-o86i8/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e282947ef3f487156952281101c935e1191dfe2fe0cccaf1ca73f23aea6cb94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6566
x-xss-protection
0
server
sffe
etag
"1679317865"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/xzl4DLFz8so/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/xzl4DLFz8so/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c318df1256a6f88092cd89c3bacf76d8fc9d8afc11f8f4606ef6c227a10ae4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3240
x-xss-protection
0
server
sffe
etag
"1679313659"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/dykH8eYSROY/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/dykH8eYSROY/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1352e7816594ce2ab6b0fc55c25c98f0d53303912f362520dcbc801509ded9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10430
x-xss-protection
0
server
sffe
etag
"1679317898"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/Bx7aOPMU5kE/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Bx7aOPMU5kE/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d93da436df20ed2e70b80d0f96b5480374dfb6ecfb2b9d97caf7a808c8ead37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10184
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/6WYygQFZW8Q/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/6WYygQFZW8Q/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd506ad501c6dbf78f1a65caaec8389735b0ae3fb19a7bfaef60ea42674f4250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3520
x-xss-protection
0
server
sffe
etag
"1679468844"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/fqiRbhsX9XA/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/fqiRbhsX9XA/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f59990f52cec16bdcdd650f0c34e33b83f57401b395e069a899b2738489656d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12350
x-xss-protection
0
server
sffe
etag
"1679313491"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/hu_vJq3CLNg/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/hu_vJq3CLNg/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
524511fad7d7316850aadc7609737df2bcfa065841ac4dcacb5db2ff11813078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11034
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/NsN38QXEnfU/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/NsN38QXEnfU/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6341db55a5275d1419d879e5adb7c35bbd20779096e01a0c53576ead6d23f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12028
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/KRG1OQg6zTw/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/KRG1OQg6zTw/sddefault.webp
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68aba6993066a6648b3f45cf03a38f865055fc0e7be7f4f94b5d05e1ae8f4c32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4868
x-xss-protection
0
server
sffe
etag
"1679312570"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Oct 2023 17:22:09 GMT
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:35 GMT
x-content-type-options
nosniff
age
203013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:35 GMT
xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk4aE9_C-bk.woff2
fonts.gstatic.com/s/manrope/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v14/xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk4aE9_C-bk.woff2
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a97cf33c625a19ecd47ffb685ff3d140fee83b441c4297ccfed3d300e79757a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 17:57:09 GMT
x-content-type-options
nosniff
age
422699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14212
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 17:57:09 GMT
xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk7PFN_C-bk.woff2
fonts.gstatic.com/s/manrope/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v14/xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk7PFN_C-bk.woff2
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43974f76e756e6e5c6bb6e260c493c87eee0be51fc860be66c7b61da5a14046d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 03:26:34 GMT
x-content-type-options
nosniff
age
129334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14068
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 03:26:34 GMT
Inter-Medium.latin-Y3IVPL46.woff2
app.framerstatic.com/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Medium.latin-Y3IVPL46.woff2
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:600:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onehalf.agency/
Origin
https://onehalf.agency
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 02:40:03 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8da78542dac6b4328eb443200c30bbfe.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
4452126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19904
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 17 Aug 2023 19:53:34 GMT
server
CloudFront
etag
"f366e7b832c6d0e8a2038665895c0762"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
nAkugg14QIznySXrOpjJa-4UCM13ZSntZSC-n7VkdEeNbzgmOsDSxg==
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LF6WXTGKRH&gtm=45je3a40&_p=229322976&cid=1007332172.1696778529&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696778529&sct=1&seg=0&dl=https%3A%2F%2Fonehalf.agency%2F%3Fref%3Dlapaninja&dt=OneHalf%20-%20Creative%20Video%20Production%20Agency%20for%20Startups&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LF6WXTGKRH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 15:22:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onehalf.agency
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-67.ams1.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://onehalf.agency/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
x-amzn-trace-id
Root=1-6522c921-585b7d5101421613452c5e24;Sampled=0;lineage=c457ad49:0
x-amzn-requestid
21724593-d88c-4a3c-9438-baa078200f21
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
MfRdUFjAoAMF4XA=
content-length
0
x-amz-cf-id
vFNm_czHT4DJP_BzyyGFcvDoy9rB2_JiGWr3DQcIYOjhemWZccEQxw==
anonymous
events.framer.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-67.ams1.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://onehalf.agency
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 08 Oct 2023 15:22:09 GMT
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-apigw-id
MfRdTGOXoAMFXZw=
x-amz-cf-id
Q-nEoiQGVhB-uyf3rxgAWzSgqW2m0QPLXdK2eQJBeyAWJb_CBpFBLg==
x-amz-cf-pop
AMS1-P2
x-amzn-requestid
2665c9a1-d8ec-49dd-8458-08e3650f3f09
x-cache
Miss from cloudfront
play.js
framerusercontent.com/modules/p8uqoHLKT83nbfUYB1kZ/C4LE1L7dNmr7XSmgYErz/
Redirect Chain
  • https://framer.com/m/feather-icons/play.js@0.0.29
  • https://framerusercontent.com/modules/p8uqoHLKT83nbfUYB1kZ/C4LE1L7dNmr7XSmgYErz/play.js
394 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/p8uqoHLKT83nbfUYB1kZ/C4LE1L7dNmr7XSmgYErz/play.js
Protocol
H3
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a93b474a10bb3d920aabe14ac91595791ab96f8bbab4edd68eb3dc51a885c8e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 12:32:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
age
10152
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
394
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
x-amz-cf-id
qjruKaRrYCw_PmrTkwd3b4DWaWy7vVRGc7t3DghJdea5Zr3WUdUMNQ==

Redirect headers

date
Sun, 08 Oct 2023 14:29:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3177
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
110
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/p8uqoHLKT83nbfUYB1kZ/C4LE1L7dNmr7XSmgYErz/play.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
8yB-VAQnNohdyd3pfhR1Jvauw7VUacnbsqPVIrpIY0tm8cG7Dh8cJw==
EiWradmcCMBLxPVpyGKKobG4t9I~HTypSdhALjmLDBLNnirKC94EGFH5TRtS1M77CH1_X4w.json
framerusercontent.com/modules/assets/ 		110 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/assets/EiWradmcCMBLxPVpyGKKobG4t9I~HTypSdhALjmLDBLNnirKC94EGFH5TRtS1M77CH1_X4w.json
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/AKdY3x17DyxtMDxkdsamYgOkdIZ1vZjyh_HLIn-lmqU.NKKPH7YJ.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
83e99e2c3b26990b8f008f012f2c3f15bbd74f898cfce23916329f0f1540bcf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:58:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
1653822
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept-Encoding,Accept
x-amz-cf-id
xLn5obigzM8HD0tEEksvxNQgJqn9AhNxER9qYEo1ONXmDnO4YQdNKQ==
Id5O2TMWAz1bEFPtiHLOFMjd4~5nOJSFci6QWfHBfbQyJVcrOkeogqn59xOxX2ZQzvHJg.json
framerusercontent.com/modules/assets/ 		30 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/assets/Id5O2TMWAz1bEFPtiHLOFMjd4~5nOJSFci6QWfHBfbQyJVcrOkeogqn59xOxX2ZQzvHJg.json
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/64z8ZmPDzlvSBFJWPTKDcq/AKdY3x17DyxtMDxkdsamYgOkdIZ1vZjyh_HLIn-lmqU.NKKPH7YJ.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
936fe295f564e36fb94e48674fed821bd6429dcb0b851a607757e51426541d5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 18:39:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
1802585
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept-Encoding,Accept
x-amz-cf-id
cwO88e0vK5H2kjI7cE4LBBSq8skz9XC6EPLijWymIBACaDje5CSoOg==
embed.js
tally.so/widgets/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tally.so/widgets/embed.js
Requested by
Host: onehalf.agency
URL: https://onehalf.agency/?ref=lapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40cb59ae5da5bf5281b4c2e1fa212e9599ec788d1cb3a2796a0f49586e3768e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onehalf.agency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 15:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 11:19:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2878
etag
W/"6baf-18b04b654a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0RQgJR9%2Fh1jGJxmmHxXPUJNB0i3J%2FNOdNDq%2FX%2FnFe7JSckcQHqT4G9RRS6RNGOBiYU8%2BY97vP%2FUCggeDxTQ2Hajfby5gYwZg27i2BIKX8HKCjjiLteIHgNuGrDgiboSpirliPbE2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, stale-while-revalidate
cf-ray
812f60b16b971c22-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| animator function| HandoffAppearAnimations object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| __send_framer_event function| __framer_importFromPackage object| process object| d string| w function| v object| s function| iFrameResize object| Tally

2 Cookies

Domain/Path Name / Value
.onehalf.agency/ Name: _ga_LF6WXTGKRH
Value: GS1.1.1696778529.1.0.1696778529.0.0.0
.onehalf.agency/ Name: _ga
Value: GA1.1.1007332172.1696778529

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
events.framer.com
fonts.gstatic.com
framer.com
framerusercontent.com
i.ytimg.com
onehalf.agency
region1.google-analytics.com
tally.so
www.googletagmanager.com
108.156.60.67
2001:4860:4802:34::36
2600:9000:2104:600:d:6b42:4ec0:93a1
2600:9000:214f:9a00:10:9b9d:b9c0:93a1
2600:9000:2490:2600:d:ada1:a280:93a1
2a00:1450:4001:809::2016
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::2003
2a06:98c1:3120::3
52.223.52.2
158eeb06ef9e6a1476df78f3bb4bec2a8aa8f26f999e068ae00adc2153fdf5dc
1745c133f758ec2826f82770fc25f1dfa637a24e1c9458f648e90a6b8755eca4
1b26194d3439f7fa15c917e63e07eccf05d7f1bc92a0986afdd4c9a864f1fd42
3692caa1bc08bb7560a5e6c45a231a1aea7abd7bd658d99f61340eb497c8bd7d
43974f76e756e6e5c6bb6e260c493c87eee0be51fc860be66c7b61da5a14046d
524511fad7d7316850aadc7609737df2bcfa065841ac4dcacb5db2ff11813078
68aba6993066a6648b3f45cf03a38f865055fc0e7be7f4f94b5d05e1ae8f4c32
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
8099a2e52c2f8b1eb1451b62f2be202773cea289ada8dacc56bf926e69cd7aea
83e99e2c3b26990b8f008f012f2c3f15bbd74f898cfce23916329f0f1540bcf8
936fe295f564e36fb94e48674fed821bd6429dcb0b851a607757e51426541d5e
9e282947ef3f487156952281101c935e1191dfe2fe0cccaf1ca73f23aea6cb94
a93b474a10bb3d920aabe14ac91595791ab96f8bbab4edd68eb3dc51a885c8e2
a97cf33c625a19ecd47ffb685ff3d140fee83b441c4297ccfed3d300e79757a7
b40cb59ae5da5bf5281b4c2e1fa212e9599ec788d1cb3a2796a0f49586e3768e
b68a86bb9b6d9547d93b14dba21f8cf86a000a819210721ee30ab70720f69080
bb304cbea59579dfa8753064e9cb752590029d0df3ee9d282f22cc25631d4094
c1352e7816594ce2ab6b0fc55c25c98f0d53303912f362520dcbc801509ded9a
c318df1256a6f88092cd89c3bacf76d8fc9d8afc11f8f4606ef6c227a10ae4e5
c7e4e1db18854fbf1583b73971446ca6094a6e69b1a8cfb20ffe5ca43f80c351
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
d93da436df20ed2e70b80d0f96b5480374dfb6ecfb2b9d97caf7a808c8ead37c
dfacedfaf5732044e82a9fc17414ef0a2142048ed1097356134a605cb8e5eb5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6341db55a5275d1419d879e5adb7c35bbd20779096e01a0c53576ead6d23f0c
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f59990f52cec16bdcdd650f0c34e33b83f57401b395e069a899b2738489656d2
fd506ad501c6dbf78f1a65caaec8389735b0ae3fb19a7bfaef60ea42674f4250
fe55049827324400de90ac79776415be6a5eabaaccbb1517747389a9066877c8