urlquery - report: kektds.com/p78f32

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
fonts.gstatic.com (2)	0	2014-09-09 00:40:21 UTC	2022-11-24 11:09:52 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.191.210.155
www.clarity.ms (2)	1404	2018-08-22 07:41:57 UTC	2020-02-17 10:26:03 UTC	13.107.213.53
stats.g.doubleclick.net (1)	96	2013-06-10 20:21:11 UTC	2022-11-24 08:34:31 UTC	142.251.1.155
fonts.googleapis.com (2)	8877	2013-06-10 20:14:26 UTC	2022-11-24 11:11:51 UTC	142.250.74.10
r3.o.lencr.org (9)	344	No data	No data	23.36.77.32
icalendar.datingtopgirls.com (1)	260095	2022-06-02 07:08:49 UTC	2022-11-24 05:25:34 UTC	31.220.24.141
wmt.datingtopgirls.com (1)	0	2022-06-09 06:35:36 UTC	2022-11-24 05:25:34 UTC	31.220.24.141	Domain (datingtopgirls.com) ranked at: 164758
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-11-24 06:15:58 UTC	216.239.32.36	Domain (google-analytics.com) ranked at: 8401
wemeettoday.com (1)	0	2020-12-29 08:41:40 UTC	2022-11-24 05:17:30 UTC	104.21.95.141	Unknown ranking
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-11-24 08:35:27 UTC	142.250.74.168
ocsp.digicert.com (6)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-24 05:36:55 UTC	34.102.187.140
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-24 05:30:55 UTC	34.117.237.239
ocsp.pki.goog (12)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
my.rtmark.net (2)	9054	2017-08-22 14:11:49 UTC	2022-11-24 08:54:46 UTC	139.45.195.8
www.google.no (1)	25607	2016-04-05 19:50:59 UTC	2022-11-24 08:13:55 UTC	142.250.74.35
botd.fpapi.io (1)	297160	2021-06-11 10:56:14 UTC	2022-11-24 05:25:35 UTC	34.193.232.22
kektds.com (1)	271713	2021-11-26 11:30:02 UTC	2022-11-24 05:17:43 UTC	185.162.87.36
b.clarity.ms (2)	3462	No data	No data	20.75.32.255
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
c.clarity.ms (2)	803	No data	No data	20.234.93.27
c.bing.com (1)	247	2012-05-22 10:26:32 UTC	2020-05-07 03:37:17 UTC	13.107.21.200
cdn.onesignal.com (1)	3015	2015-04-22 13:41:50 UTC	2022-11-24 06:18:08 UTC	104.18.226.52
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.88

Scan Date	Severity	Indicator	Comment
2022-11-25	2	icalendar.datingtopgirls.com/icalendar.js	Malware

Date	UQ / IDS / BL	URL	IP
2022-12-13 22:56:40 +0000	0 - 0 - 3	kektds.com/gX2QYW2d	185.162.87.36
2022-12-13 19:54:18 +0000	0 - 0 - 3	kektds.com/q9Z3XkmD	185.162.87.36
2022-12-13 16:11:17 +0000	0 - 0 - 2	kektds.com/qwMgLZ2C	185.162.87.36
2022-12-13 12:53:50 +0000	0 - 0 - 3	kektds.com/rgx5m9WC	185.162.87.36
2022-12-13 12:02:18 +0000	0 - 0 - 2	kektds.com/nH69Pgdw	185.162.87.36

Date	UQ / IDS / BL	URL	IP
2023-01-28 04:43:30 +0000	0 - 7 - 0	xhamster18.desi/videos/husband-fucks-wife-har (...)	185.207.236.37
2023-01-28 03:53:05 +0000	0 - 0 - 7	sweepfrequencydissolved.com/dyxkeij5?fnv=62&r (...)	192.243.61.227
2023-01-28 03:46:08 +0000	0 - 0 - 1	disquietadaptation.com/	192.243.59.13
2023-01-27 23:45:26 +0000	0 - 0 - 6	experimentalconcerningsuck.com/zf2j03y4h?hmrp (...)	192.243.59.12
2023-01-27 13:59:32 +0000	0 - 0 - 1	mp-download.org/api/getbundle/?partner_apikey (...)	88.208.5.115

Date	UQ / IDS / BL	URL	IP
2023-01-28 05:10:12 +0000	0 - 0 - 1	kektds.com/RGcySB	188.114.97.1
2023-01-28 01:57:38 +0000	0 - 0 - 1	kektds.com/ZxPkcvfk	188.114.97.1
2023-01-27 18:37:28 +0000	0 - 0 - 1	kektds.com/sbc9FZsb	188.114.97.1
2023-01-27 17:49:33 +0000	0 - 0 - 1	kektds.com/g2stV531	188.114.97.1
2023-01-27 06:14:11 +0000	0 - 0 - 1	kektds.com/nH69Pgdw	188.114.97.1

Date	UQ / IDS / BL	URL	IP
2023-01-28 01:57:38 +0000	0 - 0 - 1	kektds.com/ZxPkcvfk	188.114.97.1
2023-01-27 18:57:42 +0000	0 - 0 - 1	wemeettoday.com/tt/01?affiliate_id=15001&sub1 (...)	172.67.170.116
2023-01-27 18:37:28 +0000	0 - 0 - 1	kektds.com/sbc9FZsb	188.114.97.1
2023-01-27 17:49:33 +0000	0 - 0 - 1	kektds.com/g2stV531	188.114.97.1
2023-01-27 03:06:48 +0000	0 - 0 - 1	kektds.com/d3YgJGPB	188.114.96.1

Request	Response
GET /p78f32 HTTP/1.1 Host: kektds.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: kektds.com/p78f32 FQDN: kektds.com IP: 185.162.87.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 185.162.87.36 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 25 Nov 2022 03:58:16 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Expires: 0 Last-Modified: Fri, 25 Nov 2022 03:58:16 GMT Location: https://wemeettoday.com/tt/02?sub1=s8hnpa5110po&affiliate_id=15392&sub2=&sub8=&sub7=74&source=123374&c1=arb%7C280%7C Pragma: no-cache Set-Cookie: _subid=s8hnpa5110po;Expires=Monday, 26-Dec-2022 03:58:16 GMT;Max-Age=2678400;Path=/ _token=uuid_s8hnpa5110po_s8hnpa5110po63803d5873cb64.16714353;Expires=Monday, 26-Dec-2022 03:58:16 GMT;Max-Age=2678400;Path=/ bdeee=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEyMzNcIjoxNjY5MzQ4Njk2fSxcImNhbXBhaWduc1wiOntcIjI4MFwiOjE2NjkzNDg2OTZ9LFwidGltZVwiOjE2NjkzNDg2OTZ9In0.S0Lr0Ew6fTQejdnsrIZNr_nEevc7U1F8-Qon2jXmfUY;Expires=Sunday, 20-Oct-2075 07:56:32 GMT;Max-Age=1669435096;Path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: * --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA" Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3979 Expires: Fri, 25 Nov 2022 05:04:35 GMT Date: Fri, 25 Nov 2022 03:58:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7c60904d097cde276e4e5632cef1b9f1 Sha1: 4f805026462589345d85e8df2d18eafba6237504 Sha256: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1734 Cache-Control: max-age=111709 Date: Fri, 25 Nov 2022 03:58:16 GMT Etag: "637f47ef-1d7" Expires: Sat, 26 Nov 2022 11:00:05 GMT Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af40a2fcf8debb90c3608002da6c907a Sha1: 3c75d6c0b557a3bd8d5db50155b8d896e852c145 Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15917 Expires: Fri, 25 Nov 2022 08:23:33 GMT Date: Fri, 25 Nov 2022 03:58:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 260e9998c20d831b66f1029c8f47aac9 Sha1: 716d630f647c54dc69a7f9c63a6cac294b3df7f7 Sha256: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 25 Nov 2022 03:17:24 GMT cache-control: public,max-age=3600 age: 2452 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ= x-amz-request-id: J3KJ3ARVZWVE4G1J content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 25 Nov 2022 03:43:41 GMT age: 875 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 25 Nov 2022 03:58:16 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 79212d05617bec54796c5358b3c4c041ec5d2ea39908e05d8df364097394242f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=135507 Date: Fri, 25 Nov 2022 03:58:16 GMT Etag: "637fabab-118" Expires: Sat, 26 Nov 2022 17:36:43 GMT Last-Modified: Thu, 24 Nov 2022 17:36:43 GMT Server: nginx Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: cd06536a252fc298ee160c0e6c0c7121 Sha1: ed62a26017395cb80a5380f9d8541432375084e2 Sha256: 79212d05617bec54796c5358b3c4c041ec5d2ea39908e05d8df364097394242f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 79212d05617bec54796c5358b3c4c041ec5d2ea39908e05d8df364097394242f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1 Cache-Control: max-age=135507 Date: Fri, 25 Nov 2022 03:58:17 GMT Etag: "637fabab-118" Expires: Sat, 26 Nov 2022 17:36:44 GMT Last-Modified: Thu, 24 Nov 2022 17:36:43 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: cd06536a252fc298ee160c0e6c0c7121 Sha1: ed62a26017395cb80a5380f9d8541432375084e2 Sha256: 79212d05617bec54796c5358b3c4c041ec5d2ea39908e05d8df364097394242f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e8f74f0a6812f8daf1676109dadf7f0268009ff2a8333006d53ed04dba885045 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5473 Cache-Control: max-age=106094 Date: Fri, 25 Nov 2022 03:58:17 GMT Etag: "637f2366-118" Expires: Sat, 26 Nov 2022 09:26:31 GMT Last-Modified: Thu, 24 Nov 2022 07:55:18 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 38c090269685ce2631960bb8de9255ac Sha1: 49cc3deb8f9a95c41b6942f08f54df97eb709ab2 Sha256: e8f74f0a6812f8daf1676109dadf7f0268009ff2a8333006d53ed04dba885045
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4af780570d49b327d38dc189095448e9 Sha1: 1dd4193a2afeb237c5e475b603b1cbd137f7f97e Sha256: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4af780570d49b327d38dc189095448e9 Sha1: 1dd4193a2afeb237c5e475b603b1cbd137f7f97e Sha256: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a0111a2443450172e5d2b48d350a8f57 Sha1: 75e89d4cd001303e66a93880f96d6c47e7d665ab Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e8f74f0a6812f8daf1676109dadf7f0268009ff2a8333006d53ed04dba885045 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5473 Cache-Control: max-age=106094 Date: Fri, 25 Nov 2022 03:58:17 GMT Etag: "637f2366-118" Expires: Sat, 26 Nov 2022 09:26:31 GMT Last-Modified: Thu, 24 Nov 2022 07:55:18 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 38c090269685ce2631960bb8de9255ac Sha1: 49cc3deb8f9a95c41b6942f08f54df97eb709ab2 Sha256: e8f74f0a6812f8daf1676109dadf7f0268009ff2a8333006d53ed04dba885045
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 50a0cb86fdf41c26f1135cbe09bb7ab197711bf4452c6cf5286de5e0c5705a12 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "50A0CB86FDF41C26F1135CBE09BB7AB197711BF4452C6CF5286DE5E0C5705A12" Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13785 Expires: Fri, 25 Nov 2022 07:48:02 GMT Date: Fri, 25 Nov 2022 03:58:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: de195d050fb8340fa003c8934ded2630 Sha1: 58c34bb4a474508ba3741b7d536879d868827e2a Sha256: 50a0cb86fdf41c26f1135cbe09bb7ab197711bf4452c6cf5286de5e0c5705a12
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 50a0cb86fdf41c26f1135cbe09bb7ab197711bf4452c6cf5286de5e0c5705a12 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "50A0CB86FDF41C26F1135CBE09BB7AB197711BF4452C6CF5286DE5E0C5705A12" Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13785 Expires: Fri, 25 Nov 2022 07:48:02 GMT Date: Fri, 25 Nov 2022 03:58:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: de195d050fb8340fa003c8934ded2630 Sha1: 58c34bb4a474508ba3741b7d536879d868827e2a Sha256: 50a0cb86fdf41c26f1135cbe09bb7ab197711bf4452c6cf5286de5e0c5705a12
GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: e75c7b476e02d1fd5212c1dd6498c17c7f34976216a34748cdf589fb8a775e5f 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 25 Nov 2022 03:58:17 GMT expires: Fri, 25 Nov 2022 03:58:17 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 75985 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (19102) Size: 75985 Md5: c2ac15b722115dc0dad0277aea666a8e Sha1: 7f1b6a484731ad7a3830c01b9c03c90269976c6b Sha256: e75c7b476e02d1fd5212c1dd6498c17c7f34976216a34748cdf589fb8a775e5f
GET /icalendar.js HTTP/1.1 Host: icalendar.datingtopgirls.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: icalendar.datingtopgirls.com/icalendar.js FQDN: icalendar.datingtopgirls.com IP: 31.220.24.141 HASH: 533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e 31.220.24.141 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.22.1 Date: Fri, 25 Nov 2022 03:58:17 GMT Last-Modified: Mon, 23 May 2022 15:29:00 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"628ba83c-173d" Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1796 Md5: d39f355915d9633385c213781d160c84 Sha1: f22997c5f291268e4f7996b2664ad19c241fd31f Sha256: 533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e Alerts: Blocklists: - fortinet: Malware
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a0111a2443450172e5d2b48d350a8f57 Sha1: 75e89d4cd001303e66a93880f96d6c47e7d665ab Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4af780570d49b327d38dc189095448e9 Sha1: 1dd4193a2afeb237c5e475b603b1cbd137f7f97e Sha256: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 25 Nov 2022 03:08:53 GMT cache-control: public,max-age=3600 age: 2964 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5009 Cache-Control: max-age=109921 Date: Fri, 25 Nov 2022 03:58:17 GMT Etag: "637f3429-1d7" Expires: Sat, 26 Nov 2022 10:30:18 GMT Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb6949e7abaa473393f7c604691de14f Sha1: 599681bba3947709baa603bbae2dd7afd04059a4 Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
GET /util/1-small.jpg HTTP/1.1 Host: wmt.datingtopgirls.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: wmt.datingtopgirls.com/util/1-small.jpg FQDN: wmt.datingtopgirls.com IP: 31.220.24.141 HASH: 711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29 31.220.24.141 HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.22.1 Date: Fri, 25 Nov 2022 03:58:17 GMT Content-Length: 62808 Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT Connection: keep-alive ETag: "6023dcca-f558" Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data Size: 62808 Md5: 30737574deb1bfc2fbe5ccb5ced7b656 Sha1: 12f02e651c9d3ac340c23aede3b2d9409194d6f5 Sha256: 711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 196729d7768b6dce63e1fcab88d0ae7b7fbbb3613bee39de6807c183ae6b0c59 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 2533 Md5: a0de062e9bb0e66a3478f2b619437e7c Sha1: 4e1f192e4e0f18b03a5c12d929720c1f903ad8fc Sha256: 196729d7768b6dce63e1fcab88d0ae7b7fbbb3613bee39de6807c183ae6b0c59
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://wemeettoday.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 22 Nov 2022 17:10:21 GMT expires: Wed, 22 Nov 2023 17:10:21 GMT cache-control: public, max-age=31536000 age: 211676 last-modified: Tue, 26 Apr 2022 15:48:56 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Size: 23580 Md5: e1b3b5908c9cf23dfb2b9c52b9a023ab Sha1: fcd4136085f2a03481d9958cc6793a5ed98e714c Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://wemeettoday.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 12700 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 19 Nov 2022 01:44:11 GMT expires: Sun, 19 Nov 2023 01:44:11 GMT cache-control: public, max-age=31536000 age: 526446 last-modified: Mon, 11 Jul 2022 18:56:02 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data Size: 12700 Md5: e571167fbcce8d5081bce96a09930063 Sha1: e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e Sha256: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: znskHEPpupdPVhrwhthbmg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.191.210.155 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.191.210.155 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: h4EBYxnqj3FyuwodZe4Bc2A8O9M= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 1dc16c059e9e2f980aa25e10f503412f4f62c3fc7c5770408f9b292a4db0b57f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18918 Expires: Fri, 25 Nov 2022 09:13:35 GMT Date: Fri, 25 Nov 2022 03:58:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 4639 Md5: 2d7ed295030d13040c4e075f00a3e8fd Sha1: c162d8fe6dd3d8d59b6065746264764ea486e92e Sha256: 1dc16c059e9e2f980aa25e10f503412f4f62c3fc7c5770408f9b292a4db0b57f
GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c 139.45.195.8 HTTP/2 200 OK content-type: text/javascript server: nginx date: Fri, 25 Nov 2022 03:58:17 GMT content-length: 697 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 697 Md5: 1ba2794f0f7dd2b29159959320fd42bd Sha1: 8e73fa295266b44f59b5bc53cafb7febe3c85e39 Sha256: 3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:18 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: b6a795cdfedb5c954b3000dbb2dc7f90 Sha1: b17bb97d224d89bc8227cddf5a8386e100751cda Sha256: 78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=154084656.1669348697&gtm=2oeb90&aip=1&z=939340450 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&t (...) FQDN: www.google.no IP: 142.250.74.35 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.35 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Fri, 25 Nov 2022 03:58:18 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 0d209e68296ab7070940fe9e6b2940c97785d8dfc5c8685842c5580e22e6f25d 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=170317 Date: Fri, 25 Nov 2022 03:58:18 GMT Etag: "63802d2d-1d7" Expires: Sun, 27 Nov 2022 03:16:55 GMT Last-Modified: Fri, 25 Nov 2022 02:49:17 GMT Server: ECS (bsa/EB16) X-Cache: Miss from cloudfront Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 6b8hDAQ8-lRnDDw6kstiD0pjaYEbEFnR_7RUxzHipEReCQLN6hEbYw== Age: 1658 --- Additional Info --- Magic: data Size: 471 Md5: 80e921bca00e6ba6c6cb0731b74d70ec Sha1: 05370461d2bee9bd9bae2f2889d211cba94a6027 Sha256: 0d209e68296ab7070940fe9e6b2940c97785d8dfc5c8685842c5580e22e6f25d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:18 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: b6a795cdfedb5c954b3000dbb2dc7f90 Sha1: b17bb97d224d89bc8227cddf5a8386e100751cda Sha256: 78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /api/v1/detect?version=0.1.23 HTTP/1.1 Host: botd.fpapi.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://wemeettoday.com/ Content-Type: text/plain Origin: https://wemeettoday.com Content-Length: 22344 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: botd.fpapi.io/api/v1/detect?version=0.1.23 FQDN: botd.fpapi.io IP: 34.193.232.22 HASH: e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9 34.193.232.22 HTTP/2 401 Unauthorized content-type: application/octet-stream date: Fri, 25 Nov 2022 03:58:18 GMT content-length: 69 server: nginx access-control-allow-credentials: true access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password access-control-allow-methods: POST, GET, OPTIONS access-control-allow-origin: https://wemeettoday.com X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 69 Md5: 32ba2944a9fb9f71e7edc24a56593f3d Sha1: 52b5da6230916b04a19d6f712ef247513831038c Sha256: e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9
POST /g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oeb90&_p=1650202505&cid=154084656.1669348697&ul=en-us&sr=1280x1024&_s=1&sid=1669348697&sct=1&seg=0&dl=https%3A%2F%2Fwemeettoday.com%2Ftt%2F02%3Fsub1%3Ds8hnpa5110po%26affiliate_id%3D15392%26sub2%3D%26sub8%3D%26sub7%3D74%26source%3D123374%26c1%3Darb%257C280%257C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://wemeettoday.com Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5 (...) FQDN: region1.google-analytics.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://wemeettoday.com date: Fri, 25 Nov 2022 03:58:18 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fwemeettoday.com%2Ftt%2F02%3Fsub1%3Ds8hnpa5110po%26affiliate_id%3D15392%26sub2%3D%26sub8%3D%26sub7%3D74%26source%3D123374%26c1%3Darb%257C280%257C HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 25 Nov 2022 03:58:18 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=2d92214683fb4ce68ed904ddba2c8c08; expires=Sat, 25 Nov 2023 03:58:18 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /eus2/s/0.6.43/clarity.js HTTP/1.1 Host: www.clarity.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.clarity.ms/eus2/s/0.6.43/clarity.js FQDN: www.clarity.ms IP: 13.107.213.53 HASH: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 13.107.213.53 HTTP/2 200 OK content-type: application/javascript;charset=utf-8 cache-control: public,max-age=86400 content-length: 55116 last-modified: Wed, 01 Jun 2022 12:22:22 GMT accept-ranges: bytes etag: "1d8fceb15c2864c" request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64 x-cache: CONFIG_NOCACHE x-azure-ref: 0Wj2AYwAAAADteSFbsVMEToFRwYXyXb22QU1TMDRFREdFMTkwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= date: Fri, 25 Nov 2022 03:58:17 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (55029) Size: 55116 Md5: 441723b72633b1ac9757ad7c63168005 Sha1: 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 Sha256: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:18 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d3d2d21ac304813a16da64921ce18ba4 Sha1: 98b1762c675c61eeb18254986461e6b1074ebc92 Sha256: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=154084656.1669348697&gtm=2oeb90&aip=1 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://wemeettoday.com Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR& (...) FQDN: stats.g.doubleclick.net IP: 142.251.1.155 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 142.251.1.155 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://wemeettoday.com date: Fri, 25 Nov 2022 03:58:18 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:18 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: f86429279e19a89ba7fae87ba2406b4e Sha1: abfa5369a7feb4dfebf13f5eb902c3e860976238 Sha256: 76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
GET /c.gif HTTP/1.1 Host: c.clarity.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: c.clarity.ms/c.gif FQDN: c.clarity.ms IP: 20.234.93.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 20.234.93.27 HTTP/2 302 Found cache-control: private, no-cache, proxy-revalidate, no-store pragma: no-cache location: https://c.bing.com/c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B237963&RedC=c.clarity.ms&MXFR=285BF78E18DE62B61849E5E91CDE6C55 server: Microsoft-IIS/10.0 x-powered-by: ASP.NET p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=285BF78E18DE62B61849E5E91CDE6C55; domain=.clarity.ms; expires=Wed, 20-Dec-2023 03:58:18 GMT; path=/; SameSite=None; Secure; Priority=High; date: Fri, 25 Nov 2022 03:58:18 GMT content-length: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B237963&RedC=c.clarity.ms&MXFR=285BF78E18DE62B61849E5E91CDE6C55 HTTP/1.1 Host: c.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://wemeettoday.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: c.bing.com/c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B23 (...) FQDN: c.bing.com IP: 13.107.21.200 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.107.21.200 HTTP/2 302 Found cache-control: private, no-cache, proxy-revalidate, no-store pragma: no-cache location: https://c.clarity.ms/c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B237963&MUID=1D01A6F86894602D1B74B49F6961611D p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" set-cookie: SRM_B=1D01A6F86894602D1B74B49F6961611D; domain=c.bing.com; expires=Wed, 20-Dec-2023 03:58:18 GMT; path=/; SameSite=None; Secure; x-powered-by: ASP.NET x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 5506528D1FB24E4B91A8F3BC6701F198 Ref B: OSL30EDGE0521 Ref C: 2022-11-25T03:58:18Z date: Fri, 25 Nov 2022 03:58:18 GMT content-length: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B237963&MUID=1D01A6F86894602D1B74B49F6961611D HTTP/1.1 Host: c.clarity.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://wemeettoday.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: c.clarity.ms/c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B (...) FQDN: c.clarity.ms IP: 20.234.93.27 HASH: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 20.234.93.27 HTTP/2 200 OK content-type: image/gif cache-control: private, no-cache, proxy-revalidate, no-store pragma: no-cache last-modified: Thu, 13 Oct 2022 20:07:05 GMT accept-ranges: bytes etag: "40db785d3fdfd81:0" server: Microsoft-IIS/10.0 x-powered-by: ASP.NET p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 25-Nov-2022 04:08:18 GMT; path=/; SameSite=None; Secure; date: Fri, 25 Nov 2022 03:58:18 GMT content-length: 42 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: 32023bb33cfb2a1990a4ef2d85b6ac16 Sha1: 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3746 Expires: Fri, 25 Nov 2022 05:00:45 GMT Date: Fri, 25 Nov 2022 03:58:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3746 Expires: Fri, 25 Nov 2022 05:00:45 GMT Date: Fri, 25 Nov 2022 03:58:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3746 Expires: Fri, 25 Nov 2022 05:00:45 GMT Date: Fri, 25 Nov 2022 03:58:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3746 Expires: Fri, 25 Nov 2022 05:00:45 GMT Date: Fri, 25 Nov 2022 03:58:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10531 x-amzn-requestid: aa926e70-4b20-40ba-849d-50e96cab8bea x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cICPAHoqoAMFXHA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe3f9-28cdb407069866236c99a0c7;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:36:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: G4LR5DxkDi5dC9OLvwdK6-e2bbGjJMWLInRD1r_CKYKxFMqOoG1Z0w== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:55:47 GMT age: 21752 etag: "050da47a42e16a83c1d59419055961fe9f1f4cc0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10531 Md5: c71b83b77af9bb19b3845048a3008b43 Sha1: 050da47a42e16a83c1d59419055961fe9f1f4cc0 Sha256: cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11743 x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cICD-F7joAMFqmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:54:45 GMT age: 21814 etag: "b0ddc1555d2506177adcdcea77864d75f1245d07" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11743 Md5: 8784bb7a8b88736a6016f712e3183bf3 Sha1: b0ddc1555d2506177adcdcea77864d75f1245d07 Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6560 x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: byQzsFY3IAMF9iA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0 x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: nqv3cZb0_TFYs1XuLw1pCg4B1HmA87mj4S1Sjh3cgXyWd3GnweAY7w== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 04:26:03 GMT age: 84736 etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6560 Md5: 9bc7c4877bfa24d0c1bbb774cd906af1 Sha1: 75d9a14e98ffba5a71a6f710be721b593338ffdc Sha256: b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1U8xGxgIAMF-qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 05:04:28 GMT age: 82431 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6590 x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB8zGeAIAMF4HA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 22:01:38 GMT age: 21401 etag: "236199a790f16dcf96dba80b9945836b37e3c2eb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6590 Md5: 1adbf0cd373a4c06caa71eac14e1286c Sha1: 236199a790f16dcf96dba80b9945836b37e3c2eb Sha256: 767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8277 x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB-KFtmIAMF00Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:59:22 GMT age: 21537 etag: "6a8504212141af411a18ce58960c8bb52e8116ac" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8277 Md5: f59a591b222397ff0f01c22a0786e660 Sha1: 6a8504212141af411a18ce58960c8bb52e8116ac Sha256: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
POST /collect HTTP/1.1 Host: b.clarity.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1070 Origin: https://wemeettoday.com Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: b.clarity.ms/collect FQDN: b.clarity.ms IP: 20.75.32.255 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 20.75.32.255 HTTP/2 204 No Content vary: Origin server: Microsoft-IIS/10.0 request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64 access-control-allow-origin: https://wemeettoday.com access-control-allow-credentials: true date: Fri, 25 Nov 2022 03:58:19 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1 Host: b.clarity.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 521 Origin: https://wemeettoday.com Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: b.clarity.ms/collect FQDN: b.clarity.ms IP: 20.75.32.255 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 20.75.32.255 HTTP/2 204 No Content vary: Origin server: Microsoft-IIS/10.0 request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64 access-control-allow-origin: https://wemeettoday.com access-control-allow-credentials: true date: Fri, 25 Nov 2022 03:58:19 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdks/OneSignalSDK.js HTTP/1.1 Host: cdn.onesignal.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.onesignal.com/sdks/OneSignalSDK.js FQDN: cdn.onesignal.com IP: 104.18.226.52 104.18.226.52 HTTP/2 200 OK content-type: application/javascript date: Fri, 25 Nov 2022 03:58:17 GMT etag: W/"ae63ef8ff03da61fffaa7f165729897a" via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: HIT age: 2820 expires: Mon, 28 Nov 2022 03:58:17 GMT cache-control: public, max-age=259200 vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains server: cloudflare cf-ray: 76f7770d8e92b515-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /css2?family=Montserrat:wght@600&display=swap?82 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Montserrat:wght@600&di (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 25 Nov 2022 03:58:17 GMT date: Fri, 25 Nov 2022 03:58:17 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Lato&display=swap?82 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Lato&display=swap?82 FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 25 Nov 2022 03:58:17 GMT date: Fri, 25 Nov 2022 03:58:17 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 03:58:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info ---
GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1 Host: www.clarity.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wemeettoday.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.clarity.ms/tag/bvsqia2v2y?ref=gtm FQDN: www.clarity.ms IP: 13.107.213.53 13.107.213.53 HTTP/2 200 OK content-type: application/x-javascript cache-control: no-cache, no-store expires: -1 set-cookie: CLID=2bba4c5eaba84145bb530ddb72b026a5.20221125.20231125; expires=Sat, 25 Nov 2023 03:58:18 GMT; path=/; secure; samesite=none; httponly request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78 x-cache: CONFIG_NOCACHE x-azure-ref: 0Wj2AYwAAAAC2COlZ53KiSpZMS+fWxrcFQU1TMDRFREdFMTkwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= date: Fri, 25 Nov 2022 03:58:17 GMT X-Firefox-Spdy: h2 --- Additional Info ---
GET /tt/02?sub1=s8hnpa5110po&affiliate_id=15392&sub2=&sub8=&sub7=74&source=123374&c1=arb%7C280%7C HTTP/1.1 Host: wemeettoday.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: wemeettoday.com/tt/02?sub1=s8hnpa5110po&affiliate_id=15 (...) FQDN: wemeettoday.com IP: 104.21.95.141 104.21.95.141 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Fri, 25 Nov 2022 03:58:17 GMT set-cookie: hashid=85b62364910a99fa30c031b116476ad0; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ country=Norway; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ region=Oslo+County; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ country_code=no; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ city=Oslo; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ latitude=59.955; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ longitude=10.859; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ tour=02; expires=Mon, 24-Nov-2025 03:58:17 GMT; Max-Age=94608000; path=/ hashid=8a7ae98f9366278b2bbfa908ef27c822; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub1=s8hnpa5110po; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sub7=74; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ source=123374; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ affiliate_id=15392; expires=Sat, 25-Nov-2023 03:58:17 GMT; Max-Age=31536000; path=/ cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ st=1669348697; expires=Sat, 26-Nov-2022 03:58:17 GMT; Max-Age=86400; path=/ push_v2=12; expires=Fri, 02-Dec-2022 03:58:17 GMT; Max-Age=604800; path=/ x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1oJdY11%2FmbzJgjWth%2FIGNYGDBmcM5%2F8yvUPK8x0U3pcrLAvyJQWT5%2BfYbf88RG%2B%2FkBY6Bayqlj8yOJBSVGebnHgMiN4%2Fj5lSbXSVTQSK2zDbE0EsmGLmtVjP7RslvJjM8I%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f7770be9b1b4ed-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /p78f32 HTTP/1.1 

                                        
                                            
Host: kektds.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         185.162.87.36

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:16 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0 

                                        
                                            
Expires: 0 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 03:58:16 GMT 

                                        
                                            
Location: https://wemeettoday.com/tt/02?sub1=s8hnpa5110po&affiliate_id=15392&sub2=&sub8=&sub7=74&source=123374&c1=arb%7C280%7C 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Set-Cookie: _subid=s8hnpa5110po;Expires=Monday, 26-Dec-2022 03:58:16 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa5110po_s8hnpa5110po63803d5873cb64.16714353;Expires=Monday, 26-Dec-2022 03:58:16 GMT;Max-Age=2678400;Path=/
bdeee=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEyMzNcIjoxNjY5MzQ4Njk2fSxcImNhbXBhaWduc1wiOntcIjI4MFwiOjE2NjkzNDg2OTZ9LFwidGltZVwiOjE2NjkzNDg2OTZ9In0.S0Lr0Ew6fTQejdnsrIZNr_nEevc7U1F8-Qon2jXmfUY;Expires=Sunday, 20-Oct-2075 07:56:32 GMT;Max-Age=1669435096;Path=/ 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1734 

                                        
                                            
Cache-Control: max-age=111709 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:16 GMT 

                                        
                                            
Etag: "637f47ef-1d7" 

                                        
                                            
Expires: Sat, 26 Nov 2022 11:00:05 GMT 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT 

                                        
                                            
Server: ECS (ska/F71A) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    af40a2fcf8debb90c3608002da6c907a

                                                Sha1:   3c75d6c0b557a3bd8d5db50155b8d896e852c145

                                                Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 03:17:24 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2452 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    d130218d0e2841f39c99610fe1a2ab90

                                                Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945

                                                Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:16 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1 

                                        
                                            
Cache-Control: max-age=135507 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Etag: "637fabab-118" 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:36:44 GMT 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 17:36:43 GMT 

                                        
                                            
Server: ECS (ska/F71A) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    cd06536a252fc298ee160c0e6c0c7121

                                                Sha1:   ed62a26017395cb80a5380f9d8541432375084e2

                                                Sha256: 79212d05617bec54796c5358b3c4c041ec5d2ea39908e05d8df364097394242f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    4af780570d49b327d38dc189095448e9

                                                Sha1:   1dd4193a2afeb237c5e475b603b1cbd137f7f97e

                                                Sha256: f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a0111a2443450172e5d2b48d350a8f57

                                                Sha1:   75e89d4cd001303e66a93880f96d6c47e7d665ab

                                                Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "50A0CB86FDF41C26F1135CBE09BB7AB197711BF4452C6CF5286DE5E0C5705A12" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=13785 

                                        
                                            
Expires: Fri, 25 Nov 2022 07:48:02 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    de195d050fb8340fa003c8934ded2630

                                                Sha1:   58c34bb4a474508ba3741b7d536879d868827e2a

                                                Sha256: 50a0cb86fdf41c26f1135cbe09bb7ab197711bf4452c6cf5286de5e0c5705a12

                                        
                                            GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1 

                                        
                                            
Host: www.googletagmanager.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.168

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Cache-Control 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
expires: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
cache-control: private, max-age=900 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Google Tag Manager 

                                        
                                            
content-length: 75985 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (19102)

                                                Size:   75985

                                                Md5:    c2ac15b722115dc0dad0277aea666a8e

                                                Sha1:   7f1b6a484731ad7a3830c01b9c03c90269976c6b

                                                Sha256: e75c7b476e02d1fd5212c1dd6498c17c7f34976216a34748cdf589fb8a775e5f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a0111a2443450172e5d2b48d350a8f57

                                                Sha1:   75e89d4cd001303e66a93880f96d6c47e7d665ab

                                                Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 03:08:53 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2964 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /util/1-small.jpg HTTP/1.1 

                                        
                                            
Host: wmt.datingtopgirls.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         31.220.24.141

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Server: nginx/1.22.1 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Content-Length: 62808 

                                        
                                            
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "6023dcca-f558" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data

                                                Size:   62808

                                                Md5:    30737574deb1bfc2fbe5ccb5ced7b656

                                                Sha1:   12f02e651c9d3ac340c23aede3b2d9409194d6f5

                                                Sha256: 711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://wemeettoday.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 23580 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Tue, 22 Nov 2022 17:10:21 GMT 

                                        
                                            
expires: Wed, 22 Nov 2023 17:10:21 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 211676 

                                        
                                            
last-modified: Tue, 26 Apr 2022 15:48:56 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data

                                                Size:   23580

                                                Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab

                                                Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c

                                                Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    aee1eaa2ef2d0edbb0bc5703979e6439

                                                Sha1:   8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db

                                                Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=18918 

                                        
                                            
Expires: Fri, 25 Nov 2022 09:13:35 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   4639

                                                Md5:    2d7ed295030d13040c4e075f00a3e8fd

                                                Sha1:   c162d8fe6dd3d8d59b6065746264764ea486e92e

                                                Sha256: 1dc16c059e9e2f980aa25e10f503412f4f62c3fc7c5770408f9b292a4db0b57f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    b6a795cdfedb5c954b3000dbb2dc7f90

                                                Sha1:   b17bb97d224d89bc8227cddf5a8386e100751cda

                                                Sha256: 78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=170317 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
Etag: "63802d2d-1d7" 

                                        
                                            
Expires: Sun, 27 Nov 2022 03:16:55 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 02:49:17 GMT 

                                        
                                            
Server: ECS (bsa/EB16) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 6b8hDAQ8-lRnDDw6kstiD0pjaYEbEFnR_7RUxzHipEReCQLN6hEbYw== 

                                        
                                            
Age: 1658 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    80e921bca00e6ba6c6cb0731b74d70ec

                                                Sha1:   05370461d2bee9bd9bae2f2889d211cba94a6027

                                                Sha256: 0d209e68296ab7070940fe9e6b2940c97785d8dfc5c8685842c5580e22e6f25d

                                        
                                            POST /api/v1/detect?version=0.1.23 HTTP/1.1 

                                        
                                            
Host: botd.fpapi.io

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Origin: https://wemeettoday.com 

                                        
                                            
Content-Length: 22344 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.193.232.22

                                        
                                            HTTP/2 401 Unauthorized 

                                        
                                            
content-type: application/octet-stream

                                        

                                        
                                            
date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
content-length: 69 

                                        
                                            
server: nginx 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS 

                                        
                                            
access-control-allow-origin: https://wemeettoday.com 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   69

                                                Md5:    32ba2944a9fb9f71e7edc24a56593f3d

                                                Sha1:   52b5da6230916b04a19d6f712ef247513831038c

                                                Sha256: e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9

                                        
                                            GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fwemeettoday.com%2Ftt%2F02%3Fsub1%3Ds8hnpa5110po%26affiliate_id%3D15392%26sub2%3D%26sub8%3D%26sub7%3D74%26source%3D123374%26c1%3Darb%257C280%257C HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         139.45.195.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
content-length: 43 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                        
                                            
access-control-expose-headers: Authorization 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: ID=2d92214683fb4ce68ed904ddba2c8c08; expires=Sat, 25 Nov 2023 03:58:18 GMT; secure; SameSite=None 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    b4491705564909da7f9eaf749dbbfbb1

                                                Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8

                                                Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    d3d2d21ac304813a16da64921ce18ba4

                                                Sha1:   98b1762c675c61eeb18254986461e6b1074ebc92

                                                Sha256: af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    f86429279e19a89ba7fae87ba2406b4e

                                                Sha1:   abfa5369a7feb4dfebf13f5eb902c3e860976238

                                                Sha256: 76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6

                                        
                                            GET /c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B237963&RedC=c.clarity.ms&MXFR=285BF78E18DE62B61849E5E91CDE6C55 HTTP/1.1 

                                        
                                            
Host: c.bing.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.107.21.200

                                        
                                            HTTP/2 302 Found

                                        

                                        
                                            
cache-control: private, no-cache, proxy-revalidate, no-store 

                                        
                                            
pragma: no-cache 

                                        
                                            
location: https://c.clarity.ms/c.gif?CtsSyncId=2F2E8D56016F44E9A54577483B237963&MUID=1D01A6F86894602D1B74B49F6961611D 

                                        
                                            
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" 

                                        
                                            
set-cookie: SRM_B=1D01A6F86894602D1B74B49F6961611D; domain=c.bing.com; expires=Wed, 20-Dec-2023 03:58:18 GMT; path=/; SameSite=None; Secure; 

                                        
                                            
x-powered-by: ASP.NET 

                                        
                                            
x-cache: CONFIG_NOCACHE 

                                        
                                            
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version 

                                        
                                            
x-msedge-ref: Ref A: 5506528D1FB24E4B91A8F3BC6701F198 Ref B: OSL30EDGE0521 Ref C: 2022-11-25T03:58:18Z 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:18 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3746 

                                        
                                            
Expires: Fri, 25 Nov 2022 05:00:45 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:19 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3746 

                                        
                                            
Expires: Fri, 25 Nov 2022 05:00:45 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 03:58:19 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10531 

                                        
                                            
x-amzn-requestid: aa926e70-4b20-40ba-849d-50e96cab8bea 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cICPAHoqoAMFXHA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe3f9-28cdb407069866236c99a0c7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:36:57 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: G4LR5DxkDi5dC9OLvwdK6-e2bbGjJMWLInRD1r_CKYKxFMqOoG1Z0w== 

                                        
                                            
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 21:55:47 GMT 

                                        
                                            
age: 21752 

                                        
                                            
etag: "050da47a42e16a83c1d59419055961fe9f1f4cc0" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10531

                                                Md5:    c71b83b77af9bb19b3845048a3008b43

                                                Sha1:   050da47a42e16a83c1d59419055961fe9f1f4cc0

                                                Sha256: cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6560 

                                        
                                            
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: byQzsFY3IAMF9iA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: nqv3cZb0_TFYs1XuLw1pCg4B1HmA87mj4S1Sjh3cgXyWd3GnweAY7w== 

                                        
                                            
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 04:26:03 GMT 

                                        
                                            
age: 84736 

                                        
                                            
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6560

                                                Md5:    9bc7c4877bfa24d0c1bbb774cd906af1

                                                Sha1:   75d9a14e98ffba5a71a6f710be721b593338ffdc

                                                Sha256: b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6590 

                                        
                                            
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cIB8zGeAIAMF4HA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 22:01:38 GMT 

                                        
                                            
age: 21401 

                                        
                                            
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6590

                                                Md5:    1adbf0cd373a4c06caa71eac14e1286c

                                                Sha1:   236199a790f16dcf96dba80b9945836b37e3c2eb

                                                Sha256: 767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e

                                        
                                            POST /collect HTTP/1.1 

                                        
                                            
Host: b.clarity.ms

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 1070 

                                        
                                            
Origin: https://wemeettoday.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         20.75.32.255

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
vary: Origin 

                                        
                                            
server: Microsoft-IIS/10.0 

                                        
                                            
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64 

                                        
                                            
access-control-allow-origin: https://wemeettoday.com 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:19 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /sdks/OneSignalSDK.js HTTP/1.1 

                                        
                                            
Host: cdn.onesignal.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.18.226.52

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
etag: W/"ae63ef8ff03da61fffaa7f165729897a" 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2820 

                                        
                                            
expires: Mon, 28 Nov 2022 03:58:17 GMT 

                                        
                                            
cache-control: public, max-age=259200 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
strict-transport-security: max-age=15552000; includeSubDomains 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f7770d8e92b515-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css?family=Lato&display=swap?82 HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1 

                                        
                                            
Host: www.clarity.ms

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://wemeettoday.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/x-javascript

                                        

                                        
                                            
cache-control: no-cache, no-store 

                                        
                                            
expires: -1 

                                        
                                            
set-cookie: CLID=2bba4c5eaba84145bb530ddb72b026a5.20221125.20231125; expires=Sat, 25 Nov 2023 03:58:18 GMT; path=/; secure; samesite=none; httponly 

                                        
                                            
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78 

                                        
                                            
x-cache: CONFIG_NOCACHE 

                                        
                                            
x-azure-ref: 0Wj2AYwAAAAC2COlZ53KiSpZMS+fWxrcFQU1TMDRFREdFMTkwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= 

                                        
                                            
date: Fri, 25 Nov 2022 03:58:17 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	kektds.com/p78f32
IP	185.162.87.36 (United Kingdom)
ASN	#39572 DataWeb Global Group B.V.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-25 03:58:27 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (26)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.162.87.36

Last 5 reports on ASN: DataWeb Global Group B.V.

Last 5 reports on domain: kektds.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (31)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (62)

Overview

Domain Summary (26)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.162.87.36

Last 5 reports on ASN: DataWeb Global Group B.V.

Last 5 reports on domain: kektds.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (31)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (62)

Network Intrusion Detection Systems