we-meet-today.com/tt/02
172.67.154.135 200 OK 7.1 kB IP 172.67.154.135:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (2912)
Hash d987544401ae4084125c8ca7333127ad
c7e8a6b5041e09b0808c8eebb5771bbd573756a4
7bcc15614eae5387c16b229be0bff8738ac683deef0500a31e709913e86caa77
Analyzer Verdict Alert fortinet Phishing
GET /tt/02 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; expires=Sun, 05-Nov-2023 21:49:19 GMT; Max-Age=31536000; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwjo6Nlmrg0YpxQqVk4JBk4uy1rw9TFvqcLwsJCynO4iF6tJJaDjy%2B%2B6AH1TP0gJNEgDYXZa4MHyuNlt6Wf7m5vMS0B5fnvygbtGO5Zp9kY%2FFliYT7SUpViQ0uRqkezKPLaL4g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc722f51b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18024
Expires: Sun, 06 Nov 2022 02:49:43 GMT
Date: Sat, 05 Nov 2022 21:49:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6255
Cache-Control: max-age=134760
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:15:19 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 199
Cache-Control: max-age=128704
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 09:34:23 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3526
Expires: Sat, 05 Nov 2022 22:48:05 GMT
Date: Sat, 05 Nov 2022 21:49:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +4ljfPJyV/FGnSOYtjAW5tw3bSm4CLiGfxhne5nhOR19K8deOOmPemm5IPwOkBFsQ6i9ZcLwKl0=
x-amz-request-id: XSZ2F3PPY9AWP2K6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 21:10:11 GMT
age: 2348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 21:49:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
we-meet-today.com/fav/wmt/css/tt/02/app.css?82
172.67.154.135 200 OK 5.0 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/css/tt/02/app.css?82
IP 172.67.154.135:0
Hash bc68ff480e3b144050e5f2b9ecb9f520
26ccb78db6a48fbcc702a12b51c6edd8fe3327cf
cc91dc70171a9dd42c3f38dbeb1e5a512a23ac6be67270234c8b1ce2ad957920
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/css/tt/02/app.css?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 15:11:08 GMT
ETag: W/"60b79f8c-52c2"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzcaPL5oA9bwk9n3uWgAObuOfFJah72Cga%2FJ4OVgnGzBGylGHZ0PmRALJWZw2ybz3R0FyQ3GzgLzuJkZh9Sgk7dSGR4a%2FAd8Fr6VvshC7dFrza8apVc36HJKUQ97EbWuogSXuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc74ead3b529-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/css/additional.css?82
172.67.154.135 200 OK 2.3 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/css/additional.css?82
IP 172.67.154.135:0
Hash b1acf4ef68827b14106ab74591ab4b8f
9714a07c36a44a5639f042841a89ca031aa02da4
c45cad606d40451a732068b4b9ffda664bb011ba1b4483852ca86b11f3627ce3
GET /fav/wmt/css/additional.css?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Aug 2021 11:07:47 GMT
ETag: W/"611b9883-1bc8"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwf0iFGi3Q74jd8tgV%2BSXwM3xgvA8t6XamdNXdU0wcjtIgMBh7%2B7Pkwzgp4%2FQ%2FU1xZ%2FD3nkwlq1IeeplW6fI7UcDcdzzHcrZLLwlB3CQwuPRNT1YSWCWovZVyKpA6E%2B50%2Bf0HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc74ef0dfab4-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/main.js?82
172.67.154.135 200 OK 5.3 kB URL HTTP/1.1 we-meet-today.com/js/main.js?82
IP 172.67.154.135:0
Hash 25a789a4e3b8690534449ad6c71d895a
3b6785430ece316753c62f6f2facaadd7408e337
6800a5801037fc30a1854e07b2cc109e5410347609bf456421b9b7a5a4ec8668
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:41:39 GMT
ETag: W/"631f4523-5ce5"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcpya7tzbep3HJyYmA3RSOy3Qbyk4dxKZI8lgSqBx8bG7kWeoWE13D0b7%2F2%2BaFBgqWTNKDGDTPNAY6A4QUK1ldgbSaL84lOwb2fkrnptVaG9XMzUXh3RgluVTHDKayeciPNuXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc74ffa70b55-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/sektor.js?82
172.67.154.135 200 OK 1.6 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/sektor.js?82
IP 172.67.154.135:0
Hash f74913a553af03fcb5d16688f40f09ff
163796aaccdd159d276ab20e53729a8f73462ec6
8f709ff8c497a8b1805f81b9fa0cc4f8c92d8cb451ee886d62bb51fe1af0daff
GET /fav/wmt/js/sektor.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-116b"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BH7vsxxhfk%2Fa8URxQJy7OEvHPw1b8IvpONUPm4lUqKznNjXz4sdigL8AAKgcI7TBdi%2F6jkpJZM6ye7NnVKuzUsYEpRTGGIxs2IXcmHh5yKyCaDupRGHTNN%2F0Gimness9yxNQkg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc752b78b529-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/general.js?82
172.67.154.135 200 OK 1.2 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/general.js?82
IP 172.67.154.135:0
Hash 8957d656d74eb89af3f3847a07953bb9
b635e2f1ebc0722f51364f0d5e35d82ddacb3096
6c692c3c4d2a00fd99c3ab65fdc6ab2ce99c177181d25cd0e3ba6e478891c81b
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/js/general.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 10:27:26 GMT
ETag: W/"6362460e-b06"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lxHX%2BwEQES9aIEER8UEei6gxKhmUK29nnoYX7Eu0mQ0vfeNEdWVk6TcOdF59dXIQrpCFteK2WBYCIcrFbhAijkobe4P3AYLH3%2FpOYDNqMSAdeXIsnbp0kZoqIn%2BzBjmhbIykA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc7508360b49-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/script.js?82
172.67.154.135 200 OK 4.0 kB URL HTTP/1.1 we-meet-today.com/js/script.js?82
IP 172.67.154.135:0
Hash cc35d90137ec3c878aeb6ceb28bd60cf
b0c32064ec5a948c9c2c33438768879ca2e43dea
e7d859d599a91c901aaa7ee6d032337acbc2b760d943b8e4d715e7e29e0e9324
Analyzer Verdict Alert fortinet Phishing
GET /js/script.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 08:02:04 GMT
ETag: W/"633550fc-30d4"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8Als8Hz6WcLKSt7kHSmYqC1kIlm9GEN3kAi%2FQ6ymxZoGL5MZohBEE3FvmxpYxP1%2FapNJ%2FVrk59UlszeKdhUbU2k9zIRiWHEUY1X4Rsjhhb4KWnxkeTK0Z9MBJQE1qrhY9gAyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc750e491bfe-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 703095a248d2320316d6485f2e002d2a
9e751be52aea5668fec56fc42b6d5bf4282aa94e
6b73ea2ffe6fefd3031a2224a857e38ffe098934c0ef65d89afcb0657bfdd4c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4440
Cache-Control: max-age=123596
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Etag: "636608d3-117"
Expires: Mon, 07 Nov 2022 08:09:15 GMT
Last-Modified: Sat, 05 Nov 2022 06:55:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
172.67.154.135 200 OK 35 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
IP 172.67.154.135:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6bf2d76cb230a7aa9826611fda6744d8
fdfb5f5a10b395c57feb07e07f15bc23ad5f617c
70c7f7e865d8a5e685595c8994211a46bffa65949f756f49f27cc3c22d1d192b
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/js/jquery-3.3.1.min.js HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-15339"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pYGyPg7Sdi6DYyuUP8VXtPOEnZad%2FxvrMnxd8dPae%2Fyz3ZKGk%2Bj9dHxsJs43BU0MiJfB2EkbKpLWbTAzK2RlNTuqBFFtf%2BRxq7RBU6T4rSrY5DwTTPdbiFMx4EywwqzWb9Aiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc74f8edb511-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 749915835e8330b625b9fae65d3b0614
8f3131640c169a386c330992673510b140ed115c
9e824c7910857c0360e52da68a28f0fc721db2e944c300129ffb4817ae594ef7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E824C7910857C0360E52DA68A28F0FC721DB2E944C300129FFB4817AE594EF7"
Last-Modified: Sat, 05 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6768
Expires: Sat, 05 Nov 2022 23:42:07 GMT
Date: Sat, 05 Nov 2022 21:49:19 GMT
Connection: keep-alive
we-meet-today.com/fav/wmt/js/tt/02/app.js?82
172.67.154.135 200 OK 3.1 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/tt/02/app.js?82
IP 172.67.154.135:0
Hash 566f58607b1c4b47dc79aa1a4c60d4d0
7de86ebaf669e67b22547e20a3791f48e9e9fc78
f858bce37397d5f4260a8dfe82b130efd29e1bc85371e75981168f8fd5d45f7d
GET /fav/wmt/js/tt/02/app.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 09:00:14 GMT
ETag: W/"6362319e-2359"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ee1ymIh2wS3dTMj0%2BjldecalNJHYwu1QVFwYj%2FmA4tzyMuBbgee7CQHlWfOECAx%2BgnVTPRKxn3Zx2CICSPnr0HQ%2BS6kS1ZpKCjA9bIJMDy1yrupouudPoPzQbHJJBHFqOVrrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc757f5dfab4-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/notify.js?82
172.67.154.135 200 OK 1.1 kB URL HTTP/1.1 we-meet-today.com/js/notify.js?82
IP 172.67.154.135:0
Hash 3b2d92e9efee2e0f9c3ccb0a2ae6bfcb
75d1b601260e855515dde0311fae850c5e06ea4a
0f3e5cf310cd33af2898491caa7351f8825b08e143ba8f26c7d007063c4aed8f
Analyzer Verdict Alert fortinet Phishing
GET /js/notify.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:41:39 GMT
ETag: W/"631f4523-b54"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiql%2FNgbdlMLjr1v7inWMdDqhq3IEZqILwA0xgImrCVur0%2BgUiCEE75IqNf8tKHm4nNcZQZ0roeY8IWbQh0hx3vyQFvyLCp%2FVZvhQfaGsePmldm5RJGUpPBZw5CbIwkeFGnOGw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc7578800b55-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 749915835e8330b625b9fae65d3b0614
8f3131640c169a386c330992673510b140ed115c
9e824c7910857c0360e52da68a28f0fc721db2e944c300129ffb4817ae594ef7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E824C7910857C0360E52DA68A28F0FC721DB2E944C300129FFB4817AE594EF7"
Last-Modified: Sat, 05 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6768
Expires: Sat, 05 Nov 2022 23:42:07 GMT
Date: Sat, 05 Nov 2022 21:49:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 703095a248d2320316d6485f2e002d2a
9e751be52aea5668fec56fc42b6d5bf4282aa94e
6b73ea2ffe6fefd3031a2224a857e38ffe098934c0ef65d89afcb0657bfdd4c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 437
Cache-Control: max-age=119592
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Etag: "636608d3-117"
Expires: Mon, 07 Nov 2022 07:02:31 GMT
Last-Modified: Sat, 05 Nov 2022 06:55:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
icalendar.datingtopgirls.com/icalendar.js
31.220.24.141 200 OK 1.8 kB URL HTTP/1.1 icalendar.datingtopgirls.com/icalendar.js
IP 31.220.24.141:0
ASN #39572 DataWeb Global Group B.V.
Hash d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e
Analyzer Verdict Alert fortinet Malware
GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript
Last-Modified: Mon, 23 May 2022 15:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"628ba83c-173d"
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP 142.250.74.168:0
File type ASCII text, with very long lines (18991)
Hash 791f8c92fd04c6f349a83f43384d5b1a
ea396999f764d8f6efafdf54bce4fddb77890f4e
3d4fd6c2a0a20a1e180a35e59237f3f5fe0bbfe57cbe26e95a5d7877e3e9f313
GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 21:49:19 GMT
expires: Sat, 05 Nov 2022 21:49:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
172.67.154.135 200 OK 3.4 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
IP 172.67.154.135:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Hash e25421fcd356f9ad3925d5acb670d448
73d3da0ca8a41a87ab5940b62b46205250973c47
925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73
GET /fav/wmt/img/tt/02/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: image/jpeg
Content-Length: 3430
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: "5fec4299-d66"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gj5b0r%2FzF8LyivLjVoz%2Fz%2FPoOWQb1zJXlkyyK5Z3qUGFm7PDaqv83XPdtarlXgdcmFzXrzIOPPr7CgnzXoLXG1HgJvJYeNsFbaNt8xjvhcq7xsjsPVx7BTToaqLRwVmwG1G6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc7609260b55-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/img/tt/02/logo.svg
172.67.154.135 200 OK 3.9 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/img/tt/02/logo.svg
IP 172.67.154.135:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (890)
Hash 85b82f3d2ef7036367b4f12920b3fb8f
3096d9f7093f4eef81a8a1287b454f08f93c8c76
e8202961f223c452b73b4a2d3946bbc492abff4a814cd0bf638a1d3151a9a5b8
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/img/tt/02/logo.svg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-2006"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5RlXF%2FwoK21qJMubbY9ncu23Qvi83gtzh01HfrOrzmiqOH2ybMkaZTlz%2BdqgSWAUPfMmC%2FvXkg3qkl32KcA5QJMA%2B57rIdm9o9UYwL%2FBqruJQmqKGTFqIcRAw0R7cy8maeluA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc760a6ab511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wmt.datingtopgirls.com/util/1-small.jpg
31.220.24.141 200 OK 63 kB URL HTTP/1.1 wmt.datingtopgirls.com/util/1-small.jpg
IP 31.220.24.141:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data
Hash 30737574deb1bfc2fbe5ccb5ced7b656
12f02e651c9d3ac340c23aede3b2d9409194d6f5
711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29
GET /util/1-small.jpg HTTP/1.1
Host: wmt.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: image/jpeg
Content-Length: 62808
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-f558"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667678400
172.67.154.135 200 OK 18 kB URL HTTP/1.1 we-meet-today.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667678400
IP 172.67.154.135:0
File type ASCII text, with very long lines (37462), with no line terminators
Hash 442e0b2e6725d358d559b8c14a75fd0d
3f571d2a7daf72875245b2969abf2c462d7a378a
b229f1b65e3b81ef68b4c2bd60618636e96b0af0504c90284c479c7b06d483a9
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667678400 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
cache-control: max-age=14400, public
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyRbZOcFgLKWW%2Bv47Fm78ndlfokQoRNKmOq7SO2WLt3NuuI9h3YSNS%2BnapWwoUV0bk1I029iqPY8vUH0FZnjSCLohkaYjsZ807VIlBGGm4duKV1rkeXJ8VyvtN19YY9EGMV4xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc770b9eb511-OSL
alt-svc: h2=":443"; ma=60
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52 200 OK 3.3 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
File type ASCII text, with very long lines (9097)
Hash 4f4953772351cbfe60354314863f5d55
3dd25d270da5007b212666852178f98e42ea2363
05b333dff7bc43eead0d5ef3d73df9c5f093f4a0a2147c7f5996b7fb774ef00f
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 21:49:19 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 902
expires: Tue, 08 Nov 2022 21:49:19 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7658cc75eb9c0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Lato&display=swap?82
142.250.74.10 200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato&display=swap?82
IP 142.250.74.10:0
Hash 49b814609c473037aa1ebd0e5ea8bc65
20a5b0b502e3a6bb5a6c8ca844676303bd79689f
78af117503e3bc2f9873f949b1338363e8ec6f23a5270d99de99df2d4837c2e7
GET /css?family=Lato&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 21:49:19 GMT
date: Sat, 05 Nov 2022 21:49:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 01:44:04 GMT
expires: Sun, 05 Nov 2023 01:44:04 GMT
cache-control: public, max-age=31536000
age: 72315
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/fav/wmt/video/tt/02/1.mp4
172.67.154.135 206 Partial Content 466 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/video/tt/02/1.mp4
IP 172.67.154.135:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 466 kB (465914 bytes)
Hash c3acc6bf0da85a13c9f74aa1c127ae9b
72584b1fe86a0f7b3e00ca397eafcb445b149d78
f3b9ab5a33561c74d6f4a0dda9fc194fd97ef5d8b82805a397a432fe88d54005
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/video/tt/02/1.mp4 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=3; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667680319.2.0.1667680327.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667680319.2.0.1667680327.52.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect
HTTP/1.1 206 Partial Content
Date: Sat, 05 Nov 2022 21:49:19 GMT
Content-Type: video/mp4
Content-Length: 465914
Connection: keep-alive
Last-Modified: Mon, 04 Apr 2022 13:40:02 GMT
ETag: "624af532-71bfa"
Expires: Sun, 05 Nov 2023 21:49:19 GMT
Cache-Control: max-age=31536000
Content-Range: bytes 0-465913/465914
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwjNgOjpqyVFZcmvUyCn%2F9hoOvWTyhosRDndPZ442Vzw5rYBbDTbdyVdpVTFdHjGEmHSCxUBRPCETA2SvPctTA5b99XlT2AVvacdKO4KgFgWwzbJ8%2FpddfwycYLt1xuJf5u8fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc771badb511-OSL
alt-svc: h2=":443"; ma=60
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
142.250.74.78 200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP 142.250.74.78:0
File type ASCII text, with very long lines (1921)
Hash 3ae23e0a5e0b6f7ecc359937dc247908
4e67c49ffaf16f50a77f42834a29b81537e830a4
027a161daeda37ef06f0aef14989a751b3d2c3adc34173bc7640976450a98c10
GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 21:49:20 GMT
expires: Sat, 05 Nov 2022 21:49:20 GMT
cache-control: private, max-age=900
last-modified: Sat, 05 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1667684957683&t_i=1667684958055&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=6d181224-9c3d-4516-b1c5-a2e7cb405e73&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6366a8a8b2c54700014f063e&fpid_sa=1667672249985&fpid=03c768c68e2ca3194abcacb93172ff40&feid_sa=4&sid_sa=1&feid=c886d0fee0940b474d5548437d550d37&sid=363a9c694a802ff868858a13570c3e4b&xfeid=686f5ab52c38fa7eb3564c907aeebc6f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%22a3d224e7170b81710dc55d867645374e%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.327&cb=gl.cb.pv
172.67.170.116 301 Moved Permanently 162 B URL HTTP/1.1 wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1667684957683&t_i=1667684958055&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=6d181224-9c3d-4516-b1c5-a2e7cb405e73&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6366a8a8b2c54700014f063e&fpid_sa=1667672249985&fpid=03c768c68e2ca3194abcacb93172ff40&feid_sa=4&sid_sa=1&feid=c886d0fee0940b474d5548437d550d37&sid=363a9c694a802ff868858a13570c3e4b&xfeid=686f5ab52c38fa7eb3564c907aeebc6f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%22a3d224e7170b81710dc55d867645374e%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.327&cb=gl.cb.pv
IP 172.67.170.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1667684957683&t_i=1667684958055&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=6d181224-9c3d-4516-b1c5-a2e7cb405e73&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6366a8a8b2c54700014f063e&fpid_sa=1667672249985&fpid=03c768c68e2ca3194abcacb93172ff40&feid_sa=4&sid_sa=1&feid=c886d0fee0940b474d5548437d550d37&sid=363a9c694a802ff868858a13570c3e4b&xfeid=686f5ab52c38fa7eb3564c907aeebc6f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%22a3d224e7170b81710dc55d867645374e%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.327&cb=gl.cb.pv HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 05 Nov 2022 21:49:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1667684957683&t_i=1667684958055&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=6d181224-9c3d-4516-b1c5-a2e7cb405e73&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6366a8a8b2c54700014f063e&fpid_sa=1667672249985&fpid=03c768c68e2ca3194abcacb93172ff40&feid_sa=4&sid_sa=1&feid=c886d0fee0940b474d5548437d550d37&sid=363a9c694a802ff868858a13570c3e4b&xfeid=686f5ab52c38fa7eb3564c907aeebc6f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%22a3d224e7170b81710dc55d867645374e%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.327&cb=gl.cb.pv
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFkfsGfJ3MRP12KIX13kemtBQGy0MqRxjOqvkSDkda%2BBpjUrIwP1IyUgsJtbKv8zgBj8ETVP36s96DYK2o31tSf8EOtljAF6uCyL9YtIAMeOKfPunMI3BZhnEF6LLnhkIss%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc788831b503-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/favicon.ico
172.67.154.135 200 OK 546 B URL HTTP/1.1 we-meet-today.com/favicon.ico
IP 172.67.154.135:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2c50c27d15b9c17455956dd1092d04bb
aefadffd73aa16b667e82fb27411ec9f1a244ee0
0fb2aaf625eca930aa700f54bb18e8c523c8f2bac8a90bc3199111755801e804
GET /favicon.ico HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02
Cookie: hashid=544113df9d2b1dcbe30cf69d1204244d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=1; sub1=6366a8a8b2c54700014f063e; affiliate_id=1698; mst=2; st=1667672250; push_v2=51; wmt_auto_play=2; fpid=03c768c68e2ca3194abcacb93172ff40; fpid_sa=1667672249985; feid=c886d0fee0940b474d5548437d550d37; feid_sa=4; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1667684958.3.0.1667684958.0.0.0; _ga=GA1.1.426195514.1667672250; _ga_Q7W6GLM2DR=GS1.1.1667684958.3.0.1667684958.60.0.0; xfeid=686f5ab52c38fa7eb3564c907aeebc6f; _clck=1rttpaq|1|f6b|0; btd=01GH4G686SG8AJDBP3FDSDZY22; _clsk=7y29jm|1667680320930|1|1|b.clarity.ms/collect; sid=363a9c694a802ff868858a13570c3e4b; sid_sa=1; utm=%7B%22ads_type%22%3A%22%22%7D
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:49:20 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:27:36 GMT
ETag: W/"5fec4808-47e"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYnr0cO2C2Jn%2B9Ab9qbZs1mhBZ7oq%2BQ2VpR39s6wx7kZguGrwsvBIeJ5IgYFUC407AJXdo0w3hX6pEXGtqZ%2Bh6he75FAmS%2FsxSODQjqM0Sutvk3mauc3srEjCTcl33GkQug2aw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7658cc7a28c0b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3806
Cache-Control: max-age=127253
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:20 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:10:13 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=426195514.1667672250&gtm=2oeb20&aip=1&z=218208643
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=426195514.1667672250&gtm=2oeb20&aip=1&z=218208643
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=426195514.1667672250&gtm=2oeb20&aip=1&z=218208643 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 21:49:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
13.107.246.53 200 OK 2.0 kB URL HTTP/2 www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d667d74b9ddd2e708408776ba95a2e20
815033aadd8de6f1d37f2a4a957af17ed14c297d
3d3d36755256d9db0192e2ff0c97cd1cf2358006c35441bac190651450c1bad2
GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=e9b2157234a5408c929253e21efc256f.20221105.20231105; expires=Sun, 05 Nov 2023 21:49:20 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0YNpmYwAAAADk8OSCEagQRY9PRrvZyuYJU1ZHMjBFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 05 Nov 2022 21:49:20 GMT
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oeb20&_p=1217356477&cid=426195514.1667672250&ul=en-us&sr=1280x1024&_s=1&sid=1667684958&sct=3&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_ss=1&epn.percent_scrolled=90
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oeb20&_p=1217356477&cid=426195514.1667672250&ul=en-us&sr=1280x1024&_s=1&sid=1667684958&sct=3&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_ss=1&epn.percent_scrolled=90
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oeb20&_p=1217356477&cid=426195514.1667672250&ul=en-us&sr=1280x1024&_s=1&sid=1667684958&sct=3&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Sat, 05 Nov 2022 21:49:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.246.53 200 OK 55 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d1f804c591e0851de95491149db49b4b
46fbcfd85d543baddb891fbbeaf35a04a7866e04
d16c64232a03b7f3fa2fb0ce28bc467721764186769dc0340ecd5e6bb2263edd
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ec7677589f4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0YNpmYwAAAAD9LMkLNtS0QJOf99PrZUq5U1ZHMjBFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 05 Nov 2022 21:49:20 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sTd7zhGgQiKJLXgLs8jIHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OXhifwAAG6pc3/rotZIPHrqUq3I=
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&RedC=c.clarity.ms&MXFR=00EB3A431DAA6139103F281019AA6F1D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=00EB3A431DAA6139103F281019AA6F1D; domain=.clarity.ms; expires=Thu, 30-Nov-2023 21:49:20 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 05 Nov 2022 21:49:20 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.bing.com/c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&RedC=c.clarity.ms&MXFR=00EB3A431DAA6139103F281019AA6F1D
13.107.21.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&RedC=c.clarity.ms&MXFR=00EB3A431DAA6139103F281019AA6F1D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&RedC=c.clarity.ms&MXFR=00EB3A431DAA6139103F281019AA6F1D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&MUID=3E68DC494FF368743398CE1A4EA469D0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3E68DC494FF368743398CE1A4EA469D0; domain=c.bing.com; expires=Thu, 30-Nov-2023 21:49:20 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48C264592D63436493B16D4A9474494E Ref B: OSL30EDGE0307 Ref C: 2022-11-05T21:49:20Z
date: Sat, 05 Nov 2022 21:49:20 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=426195514.1667672250&gtm=2oeb20&aip=1
64.233.165.156 204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=426195514.1667672250&gtm=2oeb20&aip=1
IP 64.233.165.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=426195514.1667672250&gtm=2oeb20&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Sat, 05 Nov 2022 21:49:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&MUID=3E68DC494FF368743398CE1A4EA469D0
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&MUID=3E68DC494FF368743398CE1A4EA469D0
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=25C6418FA4F54A70A20ED7352DA204A9&MUID=3E68DC494FF368743398CE1A4EA469D0 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 05-Nov-2022 21:59:20 GMT; path=/; SameSite=None; Secure;
date: Sat, 05 Nov 2022 21:49:20 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 972
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
date: Sat, 05 Nov 2022 21:49:20 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:49:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:49:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:49:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:49:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:49:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 308da46611df43543d31ca502986bea2
0bf4de356c3a64785fe116161cb931b3b2476f5d
63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _-RekVvWiPI4MHy0Up2j6D6a_NcPywYvDeydP3QlbCceU7NfWk00jQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:21 GMT
age: 86220
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaf06d0fb99703abfd57b962eb21ce96
ce73b0ad22139bec863ed990e3d3af4bdc3df288
a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lOCFTDiIxZDBzypATpujFz2hjWPabqjokrpq1-5An86y5lZLG5xHxQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 07:40:21 GMT
age: 50940
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: ab7cc6ee-976d-41a4-b5da-0aefd5cb6246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEJnzH15oAMFlwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bc98-68f910b60bd5ecaf2947c59a;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:17:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JnvKcym5f71Ra_ZHzkTXnU7Fa3D5zBFK9JFKXA_A3G98jN9r3Jikyw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 08:24:07 GMT
age: 48314
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CKSa8_W-V5Rf8od3FFPgvBmlfXcqaYotYT5u6Gm8UvmXECcAzfAGoA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 14:36:54 GMT
age: 25947
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6mALhsUwtQqMP_p_HxFaiCyfRDTtVzPIJjeDrKSEq7Tc_d5EcNw3Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:32 GMT
age: 86209
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 55282
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wemeettoday.com/ascripts/gcu-2.8.3.js
172.67.170.116 200 OK 0 B URL HTTP/2 wemeettoday.com/ascripts/gcu-2.8.3.js
IP 172.67.170.116:0
Analyzer Verdict Alert fortinet Malware
GET /ascripts/gcu-2.8.3.js HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 21:49:19 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 07:03:32 GMT
etag: W/"61fa2cc4-1737c"
expires: Sun, 06 Nov 2022 08:33:41 GMT
cache-control: max-age=86400, public
x-77-nzt: AblMCgpGoQL/eroAAA
x-77-nzt-ray: ffffffff01faa98b5fda666309529736
x-cache: HIT
x-age: 47738
x-77-pop: amsterdamNL
x-77-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSBHZUgoyrzTnYK73gI6uCfBFtzNxx1csm7yuGcgpR4J1eFhtWEPY4OcFDMZ0zyvxHDi%2B9xrOUEs%2FDEEbEqN9yk81nAPqdtJ1Mf2Fsv8D5txLocDwOvvxCuV25xuEdGZqyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7658cc76c8d91c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
IP 142.250.74.10:0
GET /css2?family=Montserrat:wght@600&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 21:49:19 GMT
date: Sat, 05 Nov 2022 21:49:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2