we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
104.21.80.226200 OK 7.2 kB URL HTTP/1.1 we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
IP 104.21.80.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2912)
Hash bbeb01e5aba4830a078796e6fcd0d73b
8293f8c2e40db6b51cd91c8302a0214422f8d3cb
1564ce5f3e60a880d0c974653ad17ff935e7a4fd36403168245f19e5f867a4e6
GET /tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765| HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hashid=417ad493f0441f7f5db77c8c0fbdf607; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
country=Norway; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
region=Oslo+County; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
country_code=no; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
latitude=59.955; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
longitude=10.859; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
tour=02; expires=Sun, 30-Nov-2025 22:57:28 GMT; Max-Age=94608000; path=/
hashid=189a913d31e51b048864af3600bbd923; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=3vrv2i55605kf; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=61; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=178261; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=13989; expires=Fri, 01-Dec-2023 22:57:28 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1669935448; expires=Fri, 02-Dec-2022 22:57:28 GMT; Max-Age=86400; path=/
push_v2=50; expires=Thu, 08-Dec-2022 22:57:28 GMT; Max-Age=604800; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l8xr6K%2FyDSpruBo8RA%2Fn7KqPxHzQ6UNirQJcJCRbIF6HI75J1Ec3chiopB5Rqns0MKNtJikVXl0IxShRFIFWy4QLBiQFmki0lk98IOftwbOzjk7kQMPx%2FDfD3FeQuIi1QHrtA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0adb3fb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7051
Expires: Fri, 02 Dec 2022 00:54:59 GMT
Date: Thu, 01 Dec 2022 22:57:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1534
Cache-Control: max-age=129557
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:56:46 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 22:18:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2360
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10574
Expires: Fri, 02 Dec 2022 01:53:43 GMT
Date: Thu, 01 Dec 2022 22:57:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1Cd1qUSfp6zQLX8F5nQozJoDcapubJSLYBIeW63/+jcTM9dEdAhahQyzSQH0/Uph7NoQ60CX2R8=
x-amz-request-id: 52CPJD7CZ0Q1NNJ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 22:45:50 GMT
age: 699
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
we-meet-today.com/fav/wmt/css/tt/02/app.css?82
104.21.80.226200 OK 5.0 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/css/tt/02/app.css?82
IP 104.21.80.226:0
Hash bc68ff480e3b144050e5f2b9ecb9f520
26ccb78db6a48fbcc702a12b51c6edd8fe3327cf
cc91dc70171a9dd42c3f38dbeb1e5a512a23ac6be67270234c8b1ce2ad957920
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/css/tt/02/app.css?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-52c2"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87bIBiGzZvqrOYcOAl0GG83cdrhvgTJPTM0pCpOcVMQXa%2FOGorMk0zZ9ndn3PmRlvXOaESw0NSB8SeGuviX5Mf0Fb1UP7136HhPKQHsHjQNTwEBSpDfDGxY7GFxJ62%2Fqlx5D2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d1cdeb523-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 22:57:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
we-meet-today.com/fav/wmt/css/additional.css?82
104.21.80.226200 OK 2.3 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/css/additional.css?82
IP 104.21.80.226:0
Hash b1acf4ef68827b14106ab74591ab4b8f
9714a07c36a44a5639f042841a89ca031aa02da4
c45cad606d40451a732068b4b9ffda664bb011ba1b4483852ca86b11f3627ce3
GET /fav/wmt/css/additional.css?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-1bc8"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8cwAMAk4oIDvkODX0gz9N0%2FDhVftG5RwJ3VQ46HzEHsuLeERMZwWSkuCA91Kc%2BCj89CCd%2FlMCbQw6wxZR%2BRi2eTzJhtJbpqcnhcxTAhP31MkSRvSV3fWXge351gpjSBO3i4vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d189ab503-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/sektor.js?82
104.21.80.226200 OK 1.6 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/sektor.js?82
IP 104.21.80.226:0
Hash f74913a553af03fcb5d16688f40f09ff
163796aaccdd159d276ab20e53729a8f73462ec6
8f709ff8c497a8b1805f81b9fa0cc4f8c92d8cb451ee886d62bb51fe1af0daff
GET /fav/wmt/js/sektor.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-116b"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgsilT5PgT00jORv79PXxj9iAEvfJO2P0tn%2Bb2Nlr%2FKaLjRxNuFe67uOpZz5yIgwtXxYSGFcJbjQHaYd%2B5FfuHOSTPGxZJb%2Fd5Jxd2J%2BJ0Mr75mjU3%2B0OAQm41DIrY3jQzPYbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d4d0eb523-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 08a230d8f3ca4aa6208db099d2d7139e
c26e33b4b69de280bab2ed28de28f1b001af1eac
ba5ce06dc2eb41128df1d26af414e656d0ab0e768ad1becb255d98e28f42e29b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1327
Cache-Control: max-age=119996
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Etag: "63885de6-118"
Expires: Sat, 03 Dec 2022 08:17:25 GMT
Last-Modified: Thu, 01 Dec 2022 07:55:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
we-meet-today.com/js/script.js?82
104.21.80.226200 OK 4.0 kB URL HTTP/1.1 we-meet-today.com/js/script.js?82
IP 104.21.80.226:0
Hash cc35d90137ec3c878aeb6ceb28bd60cf
b0c32064ec5a948c9c2c33438768879ca2e43dea
e7d859d599a91c901aaa7ee6d032337acbc2b760d943b8e4d715e7e29e0e9324
Analyzer Verdict Alert fortinet Phishing
GET /js/script.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 12:01:20 GMT
ETag: W/"633acf10-30d4"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUnaiRqrfC046G2xSckETDZoxpxKAS%2FYpzdtUj%2BMK%2B5M%2BqvwRvwGa4Q5N%2Fhi%2B5bBHYSUD5x0dW2VrViPmk1RXAKXnmRkPJRnKTLikTRtFkC%2Fm8aNy1u%2F6fb0xjyLrYks7Prwiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d2f5d0b4d-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/general.js?82
104.21.80.226200 OK 1.2 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/general.js?82
IP 104.21.80.226:0
Hash bd9dbb2970393ee22d11cb17b3e16564
c5657446a6ae9b3c95fda043a1656cf4782cebdb
0941ec6bebf09e01a9428a5a4606d9e2a055504a462f0b2d8d22cfc4febf4468
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/js/general.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 08:49:19 GMT
ETag: W/"636cbb0f-ad8"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvjl3RP9wvyl8s%2BovXWbolAHgc31aFQq85PZBpP7afjhZyWCmeVbiX1m0SgHUYpru9IBGp3fTn0AkB9INeInTRhfGtSUAgOLOduhgifdJlEdVjnMa5U4qObQPpkEhoyKNCj4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d2d4bb51e-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/main.js?82
104.21.80.226200 OK 5.3 kB URL HTTP/1.1 we-meet-today.com/js/main.js?82
IP 104.21.80.226:0
Hash 25a789a4e3b8690534449ad6c71d895a
3b6785430ece316753c62f6f2facaadd7408e337
6800a5801037fc30a1854e07b2cc109e5410347609bf456421b9b7a5a4ec8668
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:43:16 GMT
ETag: W/"63176a94-5ce5"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EFyTGjNG%2FwtEecViDga%2FSz92BoM9W7HHBHAG57wd3ts4rtw8GpAeTGX2Zk8AlsOXlOg3JhbU1fv9V%2Bii1LW%2BjZuNgmVTB1oJPW4h7tt0DItzDGr00pgu3D0naXzXIG5QSrd7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d2b781c02-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/fav/wmt/js/tt/02/app.js?82
104.21.80.226200 OK 3.1 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/tt/02/app.js?82
IP 104.21.80.226:0
Hash 566f58607b1c4b47dc79aa1a4c60d4d0
7de86ebaf669e67b22547e20a3791f48e9e9fc78
f858bce37397d5f4260a8dfe82b130efd29e1bc85371e75981168f8fd5d45f7d
GET /fav/wmt/js/tt/02/app.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 09:51:10 GMT
ETag: W/"63638f0e-2359"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fm9is14RExqt1dRODPy5zPR%2Bjk28ODzTd7GDJTc8tRy6nCuAbG7gyqJiVQpfHff8yns7kJkHPcUQHvcioZ71LjGgNQz1d280HEuba7R8pnVJDj2vu1Zvr03KvUpj0MhgDekrBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d78ecb503-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/notify.js?82
104.21.80.226200 OK 1.1 kB URL HTTP/1.1 we-meet-today.com/js/notify.js?82
IP 104.21.80.226:0
Hash 3b2d92e9efee2e0f9c3ccb0a2ae6bfcb
75d1b601260e855515dde0311fae850c5e06ea4a
0f3e5cf310cd33af2898491caa7351f8825b08e143ba8f26c7d007063c4aed8f
Analyzer Verdict Alert fortinet Phishing
GET /js/notify.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:34:37 GMT
ETag: W/"631f437d-b54"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2zPUyO1RbU5uNY65N3Zch5fV4ffFg0A9d8vC2uMr9XzfvwlLwxHJukbH03zygsmFbQUsdDAjAzV27HS1yFV8RNr8T052BFAzfXo4HbkQtm9mhg5SMB1187FmTGkKwEoqNmH%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d7d3bb523-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
104.21.80.226200 OK 35 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
IP 104.21.80.226:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6bf2d76cb230a7aa9826611fda6744d8
fdfb5f5a10b395c57feb07e07f15bc23ad5f617c
70c7f7e865d8a5e685595c8994211a46bffa65949f756f49f27cc3c22d1d192b
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/js/jquery-3.3.1.min.js HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-15339"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttzLuIe0U%2BgJuCWSJrBUk9DvBH5DSGnVre3saNArFgC8U2m3h40nihKe4qu7hguZtr4%2F3OGY%2F07qJQrKLmBnda9WNAVvGIraoGWUhzEkBhvKk4525YFHOTBb4dktx9d5fClK8w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0d2f3bb52d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b96fd57ff0ad1d65e9afeba4874c5916
955fa7f8dcd75d71f75cdc9e1035bbb7e92d08c5
4c0ab06456beb8242923476c4493810c9678c848516dc0665a16b645797e767b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C0AB06456BEB8242923476C4493810C9678C848516DC0665A16B645797E767B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1437
Expires: Thu, 01 Dec 2022 23:21:26 GMT
Date: Thu, 01 Dec 2022 22:57:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b96fd57ff0ad1d65e9afeba4874c5916
955fa7f8dcd75d71f75cdc9e1035bbb7e92d08c5
4c0ab06456beb8242923476c4493810c9678c848516dc0665a16b645797e767b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C0AB06456BEB8242923476C4493810C9678C848516DC0665A16B645797E767B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1437
Expires: Thu, 01 Dec 2022 23:21:26 GMT
Date: Thu, 01 Dec 2022 22:57:29 GMT
Connection: keep-alive
we-meet-today.com/fav/wmt/img/tt/02/logo.svg
104.21.80.226200 OK 3.9 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/img/tt/02/logo.svg
IP 104.21.80.226:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (890)
Hash 85b82f3d2ef7036367b4f12920b3fb8f
3096d9f7093f4eef81a8a1287b454f08f93c8c76
e8202961f223c452b73b4a2d3946bbc492abff4a814cd0bf638a1d3151a9a5b8
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/img/tt/02/logo.svg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-2006"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2LZZUqAA%2FAdNlJJ7U%2F%2BvhH1oKo2v2HxxNUBVMM2d2Rs3oK%2FsKRc24%2BmzAB2fKphxnKi8f3MJ9TEuQhk%2FtP3AGMkx6uMflGEvUpaYHb1RqLASdgTC43Qr%2BUHTvJIKyqHi4TIsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0dfbea1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
104.21.80.226200 OK 3.4 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
IP 104.21.80.226:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Hash e25421fcd356f9ad3925d5acb670d448
73d3da0ca8a41a87ab5940b62b46205250973c47
925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73
GET /fav/wmt/img/tt/02/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: image/jpeg
Content-Length: 3430
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: "62da8515-d66"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mja4XxZq0Xw4L5Vv%2BQbId2jqE5kLT2YjGTtNrdxDGeS0J%2BJc%2By6JPJK0oU3a44eh%2FLEeOBX8lz1MzDvZrdAzFtcMzrSY6eHBzlDUIv8J84X2shEGDyqnkYmFBHL0QxlZ%2BltK5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0dffdab52d-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 08a230d8f3ca4aa6208db099d2d7139e
c26e33b4b69de280bab2ed28de28f1b001af1eac
ba5ce06dc2eb41128df1d26af414e656d0ab0e768ad1becb255d98e28f42e29b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1327
Cache-Control: max-age=119996
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Etag: "63885de6-118"
Expires: Sat, 03 Dec 2022 08:17:25 GMT
Last-Modified: Thu, 01 Dec 2022 07:55:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
icalendar.datingtopgirls.com/icalendar.js
31.220.24.141200 OK 1.8 kB URL HTTP/1.1 icalendar.datingtopgirls.com/icalendar.js
IP 31.220.24.141:0
ASN #39572 DataWeb Global Group B.V.
Hash d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e
Analyzer Verdict Alert fortinet Malware
GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 08:43:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6307364a-173d"
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash cc8c42942d32329d581741319498c9d7
44627d1f5a706352b9e97e2f28a11f5b47a5bc3c
6d32869c33d23b05f39ae7c2c2633729aba34ec18ecb5055e116a7e40dd88fb9
GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 22:57:29 GMT
expires: Thu, 01 Dec 2022 22:57:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wmt.datingtopgirls.com/util/1-small.jpg
31.220.24.141200 OK 63 kB URL HTTP/1.1 wmt.datingtopgirls.com/util/1-small.jpg
IP 31.220.24.141:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data
Hash 30737574deb1bfc2fbe5ccb5ced7b656
12f02e651c9d3ac340c23aede3b2d9409194d6f5
711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29
GET /util/1-small.jpg HTTP/1.1
Host: wmt.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: image/jpeg
Content-Length: 62808
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-f558"
Accept-Ranges: bytes
we-meet-today.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1669924800
104.21.80.226200 OK 18 kB URL HTTP/1.1 we-meet-today.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1669924800
IP 104.21.80.226:0
File type ASCII text, with very long lines (37688), with no line terminators
Hash f703c6906a3fa442276bec7546c4fb29
b9053caf87fa8219e204c94f88887bda00deeaf9
cf942b6bd416d0f548d3c8ef6b0f01203f049f77e4fb5d400aa7482a13556061
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1669924800 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkyHaxqRvYcCXNxSMxeEBZhZc22MUyVJ9tgMVuHEgRpFsqS%2BzOemT1UaH2IS2bNhlQm3SZb%2FU1Stq5RqtRd4vwMGf%2B%2BT%2ByKmrOvBZAfbK4zOc2UbHUUW7I1k7gVqGX%2FsRYzZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0f08edb52d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 193581
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 02:08:31 GMT
expires: Mon, 27 Nov 2023 02:08:31 GMT
cache-control: public, max-age=31536000
age: 420538
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/fav/wmt/video/tt/02/1.mp4
104.21.80.226206 Partial Content 466 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/video/tt/02/1.mp4
IP 104.21.80.226:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 466 kB (465914 bytes)
Hash c3acc6bf0da85a13c9f74aa1c127ae9b
72584b1fe86a0f7b3e00ca397eafcb445b149d78
f3b9ab5a33561c74d6f4a0dda9fc194fd97ef5d8b82805a397a432fe88d54005
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/video/tt/02/1.mp4 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50
HTTP/1.1 206 Partial Content
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: video/mp4
Content-Length: 465914
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: "62da8515-71bfa"
Expires: Fri, 01 Dec 2023 22:57:29 GMT
Cache-Control: max-age=31536000
Content-Range: bytes 0-465913/465914
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUV2%2B34nIv%2B8C4B2zfvwvGkNp%2FUSfkUblBYg5fU3uDWB8ZYi3oTP0ek7CczuwnjUknBGd7C51Knx43rTEXqMmvPA5xi62QT5UHj7Lzq55EUtIq4xV9M8twxwk%2FsuQyJ4993FpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c0f0cd01c02-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72f35b2d7f6f81ec3040beabeb3c79cd
d33a3d1b7ed0e1ec8fd8357ffae2d3642112e3a3
9a68e37e3ce45baf82906db1f1c8146bde71613248c6d98ada0cdbcc34fc0529
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153553
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Etag: "6388e62a-117"
Expires: Sat, 03 Dec 2022 17:36:42 GMT
Last-Modified: Thu, 01 Dec 2022 17:36:42 GMT
Server: nginx
Content-Length: 279
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
142.250.74.78200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP 142.250.74.78:0
File type ASCII text, with very long lines (1921)
Hash f8c939bd8d1861fb141456ce8bc74bd6
833e21ed8c7482d64ea5a128f2d70a4899bc5b9a
acfbe414352eabd12ac7490c1b9e41b1d402ae66f2db1cc4abeac00eed5ea113
GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 22:57:29 GMT
expires: Thu, 01 Dec 2022 22:57:29 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 22:13:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43945
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8382
Expires: Fri, 02 Dec 2022 01:17:11 GMT
Date: Thu, 01 Dec 2022 22:57:29 GMT
Connection: keep-alive
my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP 139.45.195.8:0
Hash 1ba2794f0f7dd2b29159959320fd42bd
8e73fa295266b44f59b5bc53cafb7febe3c85e39
3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c
GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 22:57:29 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72f35b2d7f6f81ec3040beabeb3c79cd
d33a3d1b7ed0e1ec8fd8357ffae2d3642112e3a3
9a68e37e3ce45baf82906db1f1c8146bde71613248c6d98ada0cdbcc34fc0529
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=153553
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Etag: "6388e62a-117"
Expires: Sat, 03 Dec 2022 17:36:42 GMT
Last-Modified: Thu, 01 Dec 2022 17:36:42 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 22:11:15 GMT
cache-control: public,max-age=3600
age: 2774
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
we-meet-today.com/favicon.ico
104.21.80.226200 OK 546 B URL HTTP/1.1 we-meet-today.com/favicon.ico
IP 104.21.80.226:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2c50c27d15b9c17455956dd1092d04bb
aefadffd73aa16b667e82fb27411ec9f1a244ee0
0fb2aaf625eca930aa700f54bb18e8c523c8f2bac8a90bc3199111755801e804
GET /favicon.ico HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=3vrv2i55605kf&sub2=&sub8=&sub7=61&source=178261&c1=arb|765|
Cookie: hashid=189a913d31e51b048864af3600bbd923; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=3vrv2i55605kf; sub7=61; source=178261; affiliate_id=13989; st=1669935448; push_v2=50; _ga_C27SH5W4XN=GS1.1.1669935448.1.0.1669935448.0.0.0; _ga=GA1.1.340621566.1669935448; _ga_Q7W6GLM2DR=GS1.1.1669935448.1.0.1669935448.60.0.0; fpid=; fpid_sa=1669935447733; feid=6ff2db2fd6ae576c7250ed50ae77593e; sid=abe32bfe2f20fb273610023f4eed750a; feid_sa=0; sid_sa=0; utm=%7B%22ads_type%22%3A%22%22%7D; st_d=%7B%7D
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-47e"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWn%2FU%2B9gHgcC5W5FTxR2h53WdHvjvbDPqGqSwDF%2Be7Vay%2B1oQhxpVKH8GkPMtiznpR06pcraspLJ5YsD7Tm0XJkMwLhMC4kEbgNQ4%2Bi9q95Jk47l%2FOCrurzkvWTM1yyjglMUFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c11cf361c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D3vrv2i55605kf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D178261%2526c1%253Darb%257C765%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1669935447460&t_i=1669935447733&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=3vrv2i55605kf&fpid_sa=1669935447733&fpid=&feid_sa=1&sid_sa=1&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22178261%22%2C%22page_id%22%3A%22a5db4e0bceaa279260276b1ca3cffe13%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.57&cb=gl.cb.pv
172.67.170.116301 Moved Permanently 162 B URL HTTP/1.1 wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D3vrv2i55605kf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D178261%2526c1%253Darb%257C765%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1669935447460&t_i=1669935447733&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=3vrv2i55605kf&fpid_sa=1669935447733&fpid=&feid_sa=1&sid_sa=1&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22178261%22%2C%22page_id%22%3A%22a5db4e0bceaa279260276b1ca3cffe13%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.57&cb=gl.cb.pv
IP 172.67.170.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D3vrv2i55605kf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D178261%2526c1%253Darb%257C765%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1669935447460&t_i=1669935447733&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=3vrv2i55605kf&fpid_sa=1669935447733&fpid=&feid_sa=1&sid_sa=1&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22178261%22%2C%22page_id%22%3A%22a5db4e0bceaa279260276b1ca3cffe13%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.57&cb=gl.cb.pv HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 22:57:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D3vrv2i55605kf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D178261%2526c1%253Darb%257C765%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1669935447460&t_i=1669935447733&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=3vrv2i55605kf&fpid_sa=1669935447733&fpid=&feid_sa=1&sid_sa=1&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22178261%22%2C%22page_id%22%3A%22a5db4e0bceaa279260276b1ca3cffe13%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.57&cb=gl.cb.pv
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34DinDdlkYYUMffJx5pT%2Fq%2F0N0x21aKDpOgE1sQguDMbc29oC1igEQ0MTAK7pGb%2BpwewVWY80ATy2Yn3OdgzfCsZdXh5Emt%2B4l8%2B%2B8oWs3Z5BCnQHpCQZI2wklhPvHysQRk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c11de00b506-OSL
alt-svc: h2=":443"; ma=60
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=340621566.1669935448>m=2oebu0&aip=1&z=1606766093
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=340621566.1669935448>m=2oebu0&aip=1&z=1606766093
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=340621566.1669935448>m=2oebu0&aip=1&z=1606766093 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 22:57:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:30 GMT
Last-Modified: Thu, 01 Dec 2022 22:32:10 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN>m=2oebu0&_p=960638094&cid=340621566.1669935448&ul=en-us&sr=1280x1024&_s=1&sid=1669935448&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D3vrv2i55605kf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D178261%26c1%3Darb%7C765%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN>m=2oebu0&_p=960638094&cid=340621566.1669935448&ul=en-us&sr=1280x1024&_s=1&sid=1669935448&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D3vrv2i55605kf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D178261%26c1%3Darb%7C765%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C27SH5W4XN>m=2oebu0&_p=960638094&cid=340621566.1669935448&ul=en-us&sr=1280x1024&_s=1&sid=1669935448&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D3vrv2i55605kf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D178261%26c1%3Darb%7C765%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Thu, 01 Dec 2022 22:57:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /pdpobimXdOuCaCWPI5nzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tMcnnK25Pyy6fu5KxrGRMg0r2Wk=
my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D3vrv2i55605kf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D178261%26c1%3Darb%7C765%7C
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D3vrv2i55605kf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D178261%26c1%3Darb%7C765%7C
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D3vrv2i55605kf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D178261%26c1%3Darb%7C765%7C HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 22:57:30 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4d1f466983c649db82bd03f1d58a09d8; expires=Fri, 01 Dec 2023 22:57:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8636eeda5a1cd9b947759538a2e7710a
6029bce47a757b238fe2690727a9929fd6322abe
79572f3adca283f600523eceae37682e96675d499f5c8b4de0a76e2087d13ae7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105366
Date: Thu, 01 Dec 2022 22:57:30 GMT
Etag: "6388162e-1d7"
Expires: Sat, 03 Dec 2022 04:13:36 GMT
Last-Modified: Thu, 01 Dec 2022 02:49:18 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NrIPRVR28pmxXi-Yir7UG_0DQ6BXccW0d1QcSZ-hf8cBgU53vYck-g==
Age: 5058
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&RedC=c.clarity.ms&MXFR=0B4A9D17AE7660893E628F7AAA766E8D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0B4A9D17AE7660893E628F7AAA766E8D; domain=.clarity.ms; expires=Tue, 26-Dec-2023 22:57:30 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 01 Dec 2022 22:57:29 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=340621566.1669935448>m=2oebu0&aip=1
108.177.14.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=340621566.1669935448>m=2oebu0&aip=1
IP 108.177.14.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=340621566.1669935448>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Thu, 01 Dec 2022 22:57:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.227.53200 OK 19 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 2371af0fa44a6265bdd04855425782b6
7aa40c4f0e2abbf4c022ec9c90b43a0f970efc29
ac0378654229d2ddce0fad69d627ee405cacad1eb3bac481a0a34589330198cc
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0GweJYwAAAAAjciBFG16sQLPqXhzX0xKAQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0WjGJYwAAAAB2VgHwWzmxTYbFD30yb8Y1T1NMMjMxMDUwMjA1MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Thu, 01 Dec 2022 22:57:29 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&RedC=c.clarity.ms&MXFR=0B4A9D17AE7660893E628F7AAA766E8D
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&RedC=c.clarity.ms&MXFR=0B4A9D17AE7660893E628F7AAA766E8D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&RedC=c.clarity.ms&MXFR=0B4A9D17AE7660893E628F7AAA766E8D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&MUID=39F02C4592A56C65359B3E2893506DEA
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=39F02C4592A56C65359B3E2893506DEA; domain=c.bing.com; expires=Tue, 26-Dec-2023 22:57:30 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13C3952CDB86460B8600BD880608322E Ref B: OSL30EDGE0505 Ref C: 2022-12-01T22:57:30Z
date: Thu, 01 Dec 2022 22:57:30 GMT
content-length: 0
X-Firefox-Spdy: h2
wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&u_adb=0&t_op=1.339&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1669935447733&fpid=&feid_sa=2&sid_sa=2&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&vn=S-2.8.3&s_rst=0&xfeid=f6a8fb57526c31a1946ed68c31465297&st_d=%7B%7D
172.67.170.116301 Moved Permanently 162 B URL HTTP/1.1 wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&u_adb=0&t_op=1.339&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1669935447733&fpid=&feid_sa=2&sid_sa=2&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&vn=S-2.8.3&s_rst=0&xfeid=f6a8fb57526c31a1946ed68c31465297&st_d=%7B%7D
IP 172.67.170.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
POST /t/event/v4?e_t=btd_err&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&u_adb=0&t_op=1.339&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1669935447733&fpid=&feid_sa=2&sid_sa=2&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&vn=S-2.8.3&s_rst=0&xfeid=f6a8fb57526c31a1946ed68c31465297&st_d=%7B%7D HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 22:57:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=12774d8f-6df1-4a82-b42a-0cd1e1ebce3d&u_adb=0&t_op=1.339&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1669935447733&fpid=&feid_sa=2&sid_sa=2&feid=6ff2db2fd6ae576c7250ed50ae77593e&sid=abe32bfe2f20fb273610023f4eed750a&vn=S-2.8.3&s_rst=0&xfeid=f6a8fb57526c31a1946ed68c31465297&st_d=%7B%7D
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMBj98vC8bsJF%2BFdHtj5dVftfj20XCGxruksKi9SNWkol1ZNpRz%2BRnneHcxTzuXEwz2aruf41b9fY%2FOAQVTg7UU6na9imXLXxoRpqK55nQT4cSMOBa9hei8fi9tchXN1o%2BQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f6c16ab4ab506-OSL
alt-svc: h2=":443"; ma=60
c.clarity.ms/c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&MUID=39F02C4592A56C65359B3E2893506DEA
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&MUID=39F02C4592A56C65359B3E2893506DEA
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=5B17D22BCB5A418188736FD31C427C36&MUID=39F02C4592A56C65359B3E2893506DEA HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 01-Dec-2022 23:07:30 GMT; path=/; SameSite=None; Secure;
date: Thu, 01 Dec 2022 22:57:29 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 18779
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
date: Thu, 01 Dec 2022 22:57:30 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 17825
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
date: Thu, 01 Dec 2022 22:57:30 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
13.107.227.53200 OK 2.0 kB URL HTTP/2 www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d40a5a9d313886bf14b108ab4d62655d
8efdb59febd014c747df597dd8240dbfcbb6a254
ea2f84b51ef8e258c16946f0077a20df204623f492089a6f6d539381454ce94d
GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=2fba7c2857184dada15f186f751ec1c3.20221201.20231201; expires=Fri, 01 Dec 2023 22:57:29 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0WTGJYwAAAACCN+YWOuzXTJEvPtr8Mx/gT1NMMjMxMDUwMjA1MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Thu, 01 Dec 2022 22:57:29 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 22:57:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 4964
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wemeettoday.com/ascripts/gcu-2.8.3.js
172.67.170.116200 OK 37 kB URL HTTP/2 wemeettoday.com/ascripts/gcu-2.8.3.js
IP 172.67.170.116:0
File type Unicode text, UTF-8 text, with very long lines (59579)
Hash 210f8555de8eeec95ad88e9dfa11edcc
742931b98f5b98917d330d3afb1bcfc33990089e
6dceb4cb3a328c3992adab95e3dd6ad8cf77fac804770f229eaae5d7ac5519f6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ascripts/gcu-2.8.3.js HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:57:29 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 07:03:32 GMT
etag: W/"61fa2cc4-1737c"
expires: Thu, 01 Dec 2022 08:33:38 GMT
cache-control: max-age=86400, public
x-77-nzt: Abk73hFvprX/dsoAAA
x-77-nzt-ray: f4787b2752045f34593189633e38462b
x-cache: HIT
x-age: 51830
x-77-pop: amsterdamNL
x-77-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IEK7oo7BP8p2Y6qoeN0Sr9KXZe%2BodcHIUbBOoylic7eYQZoRPyNF056QvT%2BSUDwPfutoIt2BE1xkDmO0De0wYsUfpJgqeVu0XqWDGn3EFn02WPOMP3UMoRex62aq2ZDmMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f6c103c3a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IeSNcoyQJCF2o0-QIQnETp6mLbxcnY3yJmBGX6z0FRxjBttZ0yW7Og==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 03:37:58 GMT
age: 69573
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 1461
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5jKfLFWhSvvsiO5WxWbizQhKZdCj1IKR4ijCCZKjUCtni5qQcK5-Zw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:13:23 GMT
age: 67448
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 4043
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 74727
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
date: Thu, 01 Dec 2022 22:57:34 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato&display=swap?82
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato&display=swap?82
IP 142.250.74.106:0
GET /css?family=Lato&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 22:57:29 GMT
date: Thu, 01 Dec 2022 22:57:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
IP 142.250.74.106:0
GET /css2?family=Montserrat:wght@600&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 22:57:29 GMT
date: Thu, 01 Dec 2022 22:57:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:57:29 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2910
expires: Sun, 04 Dec 2022 22:57:29 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 772f6c0dcf4ffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2