we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
200 OK 7.1 kB URL HTTP/1.1 we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2912)
Hash bd8f5ed96191a9d8f0cd4049d5cea338
71d804d4258861e4e368432aab8eb42fe8aec8ab
395fc5c0125b45a2875f9807e47f0ff585ea59e1bd96b5e9b04ea2dd5483aa65
GET /tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957| HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hashid=af92d8c8cd0074d1cc0a2c7aec7d84f3; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
country=Norway; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
region=Oslo+County; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
country_code=no; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
latitude=59.955; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
longitude=10.859; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
tour=02; expires=Fri, 05-Dec-2025 05:06:56 GMT; Max-Age=94608000; path=/
hashid=008e770d09c5f7774985599acee6209d; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=1omfebm58lblp; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=61; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=224161; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=13989; expires=Wed, 06-Dec-2023 05:06:56 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1670303216; expires=Wed, 07-Dec-2022 05:06:56 GMT; Max-Age=86400; path=/
push_v2=49; expires=Tue, 13-Dec-2022 05:06:56 GMT; Max-Age=604800; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i98by0xnCm%2FRh9Apqu%2FiaDXUNiCSu9%2FG06N7lbS9Xr3434Zc00ks9%2BXeCnXBS%2B90H3%2BHGheTzbSvXzWujpMm7YFI5KeVmrxoxffST0dXn3p66YonLPX%2BPTEj%2BAjszYgEcJfkgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ebf0ef21bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4464
Expires: Tue, 06 Dec 2022 06:21:20 GMT
Date: Tue, 06 Dec 2022 05:06:56 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6291
Cache-Control: max-age=112154
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:56 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:16:10 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16481
Expires: Tue, 06 Dec 2022 09:41:37 GMT
Date: Tue, 06 Dec 2022 05:06:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 04:18:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2902
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: la+DltyKaI1yThbXWZNeglm6AE3mtpgTIyFKBdZs00dSeGFjvVycQ3E5Vt54Fr9sB+FCRi1lAXs=
x-amz-request-id: YN9Q32CXDF8KY5SJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 04:46:58 GMT
age: 1198
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 05:06:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
we-meet-today.com/fav/wmt/css/tt/02/app.css?82
200 OK 5.0 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/css/tt/02/app.css?82
IP
Hash bc68ff480e3b144050e5f2b9ecb9f520
26ccb78db6a48fbcc702a12b51c6edd8fe3327cf
cc91dc70171a9dd42c3f38dbeb1e5a512a23ac6be67270234c8b1ce2ad957920
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/css/tt/02/app.css?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-52c2"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLQ0CDk0UTqg0rM2J9FjD7ihR6t7%2FkJ3eWLIvmIX1e5tnFAsjKYv72xNddCG%2FSTiEW5O9%2FtOzRQqhdLCzODFFT2nyiM4uqrBbF%2BeLb105u7mGiVLcT3dCsNNA1RXK1SDYIXn%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1afe71bfe-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/notify.js?82
200 OK 1.1 kB URL HTTP/1.1 we-meet-today.com/js/notify.js?82
IP
Hash 3b2d92e9efee2e0f9c3ccb0a2ae6bfcb
75d1b601260e855515dde0311fae850c5e06ea4a
0f3e5cf310cd33af2898491caa7351f8825b08e143ba8f26c7d007063c4aed8f
Analyzer Verdict Alert fortinet Phishing
GET /js/notify.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:34:37 GMT
ETag: W/"631f437d-b54"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YiBDYZMr4Rk%2FdLWb2MneGzXtFarvAysWDLt%2BL%2B%2BLUjRQ%2B5%2FB0FqZxMSt4ky9Mo7MoL%2BaWRR8R8rqXmQufRe1snbyO1fNIhYHtRSQIwBFqRz2S051hAUdOYIivpoJFQYnxEYrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1eff81bfe-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/css/additional.css?82
200 OK 2.3 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/css/additional.css?82
IP
Hash b1acf4ef68827b14106ab74591ab4b8f
9714a07c36a44a5639f042841a89ca031aa02da4
c45cad606d40451a732068b4b9ffda664bb011ba1b4483852ca86b11f3627ce3
GET /fav/wmt/css/additional.css?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-1bc8"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YNxAnEe3zHRUd8PZi5XklewCFcIhMF3rNzb25sqonzItz2TJ%2BOg3pAyQvenrhQT31YgA54cc40XC4Fs4mO1T0s0%2F194WoAdlNWEnE4WyiNMoN2r9UL4KG1OI9uuHzISfQVnXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1ae51b4f9-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/js/main.js?82
200 OK 5.3 kB URL HTTP/1.1 we-meet-today.com/js/main.js?82
IP
Hash 25a789a4e3b8690534449ad6c71d895a
3b6785430ece316753c62f6f2facaadd7408e337
6800a5801037fc30a1854e07b2cc109e5410347609bf456421b9b7a5a4ec8668
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 15:43:16 GMT
ETag: W/"63176a94-5ce5"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsCbA1JX5FubtgBzzu1g5WxjSyx1%2Fm%2F5ImtJUookp%2B3p8VZxsawFjEjSEOvKEewVAJdQtrtyrvIjiBDWAJA2tBNiX1EJxJ2kxqjKGtCx9na8ctwkYrvb6TlrV%2BqpFLwNJuZGRw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1b960b509-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 278 B IP
Hash c3d4c131c515e561a664e14293591841
82c6cef0ccb5a98aa7770ec873c299d1ffefb4ae
6c6bca48553eedcccc69d7fd51b614a9c8c2242e6fbc17bb3e31fb01f805e66e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5133
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:56 GMT
Last-Modified: Tue, 06 Dec 2022 03:41:23 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
200 OK 35 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6bf2d76cb230a7aa9826611fda6744d8
fdfb5f5a10b395c57feb07e07f15bc23ad5f617c
70c7f7e865d8a5e685595c8994211a46bffa65949f756f49f27cc3c22d1d192b
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/js/jquery-3.3.1.min.js HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-15339"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtHNPsnKUiK3zrEejLzNCGN%2BnZcLVD8VdIAIoYYKCnW5cmkUIq63GBueVVlboupxiUE0hfVfljtsZaUZ%2FqEp1takhNnwgP2p1nxfqM6%2Ft%2BdA0q1BNpuNBoiRy1Jwep36axTm0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1bb3c0b02-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/fav/wmt/js/sektor.js?82
200 OK 1.6 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/sektor.js?82
IP
Hash f74913a553af03fcb5d16688f40f09ff
163796aaccdd159d276ab20e53729a8f73462ec6
8f709ff8c497a8b1805f81b9fa0cc4f8c92d8cb451ee886d62bb51fe1af0daff
GET /fav/wmt/js/sektor.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-116b"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkMzTBMHSLreAnqI%2BsC7rLvJL9%2B8IGZpxZv3KNQYjJAKs2AU5SvWsdrnF%2FZVZ5ty%2FTXvtdIs%2BwK0MnKZz6vIiHNP16BKvKx5Lca6cULN0GOYGqzBPB%2Bdoh5sfJXzHXzmFxg%2Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1e92fb50f-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/tt/02/app.js?82
200 OK 3.1 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/tt/02/app.js?82
IP
Hash 566f58607b1c4b47dc79aa1a4c60d4d0
7de86ebaf669e67b22547e20a3791f48e9e9fc78
f858bce37397d5f4260a8dfe82b130efd29e1bc85371e75981168f8fd5d45f7d
GET /fav/wmt/js/tt/02/app.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 09:51:10 GMT
ETag: W/"63638f0e-2359"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7xro96u9LfrSbxYtYXyetVT34oVvzuLMduvFeF6PpqMUbFJvisMvC5sX%2F4Xv%2BKkYVD9oKoh5j9eMxhtrO7yqgQId2zJGeOEPtPlhN0sd76Au7bFYd5iZtT8xyLpIbdV1DSIwA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec1e89afab8-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/js/script.js?82
200 OK 4.0 kB URL HTTP/1.1 we-meet-today.com/js/script.js?82
IP
Hash cc35d90137ec3c878aeb6ceb28bd60cf
b0c32064ec5a948c9c2c33438768879ca2e43dea
e7d859d599a91c901aaa7ee6d032337acbc2b760d943b8e4d715e7e29e0e9324
Analyzer Verdict Alert fortinet Phishing
GET /js/script.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 12:01:20 GMT
ETag: W/"633acf10-30d4"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJZOMG8Q77GafSBQ4nHnHAyLi%2BkR%2BwuP49B7bPhOchsIXoajQXz%2FZSZZTkjC01l2Ws7t%2F%2BVy59%2FR9YA2KJABctWweT%2B7qltIEhPknC4sVa%2F%2BxWgguSUAhYrix4RCHIU3ZK%2FXvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec2180c1bfe-OSL
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/js/general.js?82
200 OK 1.2 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/js/general.js?82
IP
Hash bd9dbb2970393ee22d11cb17b3e16564
c5657446a6ae9b3c95fda043a1656cf4782cebdb
0941ec6bebf09e01a9428a5a4606d9e2a055504a462f0b2d8d22cfc4febf4468
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/js/general.js?82 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 08:49:19 GMT
ETag: W/"636cbb0f-ad8"
Expires: Wed, 06 Dec 2023 05:06:56 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvVeghs2u3KetJfKqLq58YmvEKVrRaElu36RL%2FZ7BW6nfOf%2BIlWkVlwoSkllv5P016ZF65k6mBqfVCUT%2Bn%2BlAPX7FL5LtaXeXAlqF%2BHK2mw5h6t%2FMeNCMk2tAzsENsOgO%2FU8yw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec21eacb4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 931c05c9dbc8d95c859264c5390669aa
026b190a7e3c260c5d898154d4863551214fa6b5
ffec9c61943b35c0f0827e879ae0c63c6da919fb827b7d96c7e1f4c04fd204a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FFEC9C61943B35C0F0827E879AE0C63C6DA919FB827B7D96C7E1F4C04FD204A5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=795
Expires: Tue, 06 Dec 2022 05:20:12 GMT
Date: Tue, 06 Dec 2022 05:06:57 GMT
Connection: keep-alive
icalendar.datingtopgirls.com/icalendar.js
200 OK 1.8 kB URL HTTP/1.1 icalendar.datingtopgirls.com/icalendar.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e
Analyzer Verdict Alert fortinet Malware
GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 08:43:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6307364a-173d"
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash c3d4c131c515e561a664e14293591841
82c6cef0ccb5a98aa7770ec873c299d1ffefb4ae
6c6bca48553eedcccc69d7fd51b614a9c8c2242e6fbc17bb3e31fb01f805e66e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5134
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Last-Modified: Tue, 06 Dec 2022 03:41:23 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP
File type ASCII text, with very long lines (20080)
Hash e93e4b665115726a3f5a6ce6302077e3
ad4116785d479cd00276cd5cd2392feeeffa8e3d
b495787571402c99a18edf3f955fa5539545e503d8442b9af517779503bd0efb
GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 05:06:57 GMT
expires: Tue, 06 Dec 2022 05:06:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
we-meet-today.com/fav/wmt/img/tt/02/logo.svg
200 OK 3.9 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/img/tt/02/logo.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (890)
Hash 85b82f3d2ef7036367b4f12920b3fb8f
3096d9f7093f4eef81a8a1287b454f08f93c8c76
e8202961f223c452b73b4a2d3946bbc492abff4a814cd0bf638a1d3151a9a5b8
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/img/tt/02/logo.svg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-2006"
Expires: Wed, 06 Dec 2023 05:06:57 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DppBYKlT%2BIW%2Bts7kNJljlVeikMWMt7i5ExVK8m7irG3Qjgrr%2F3AcDVvODfY38qS9jEw7X3t%2FR4refty89Otr2SHEJ95JqanIz%2FYaA8YZvjy27bn87VYdHwwps5%2FajajNDvkyDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec2da06b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
200 OK 3.4 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Hash e25421fcd356f9ad3925d5acb670d448
73d3da0ca8a41a87ab5940b62b46205250973c47
925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73
GET /fav/wmt/img/tt/02/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: image/jpeg
Content-Length: 3430
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: "62da8515-d66"
Expires: Wed, 06 Dec 2023 05:06:57 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9srHlvuGq5c8t7I5qD5Y8bOV%2BLYAPEJi%2F0ctr8FqBGtyCOPunQXr9KFpK%2B8f0zMrdc8TgbP25ruUqvXz3MsxvlHZSvhbtizMJygkZH8zxT%2FehAiD5LR7a%2Bh9igCLH%2FHH9wvoww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec2db910b02-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wmt.datingtopgirls.com/util/1-small.jpg
200 OK 63 kB URL HTTP/1.1 wmt.datingtopgirls.com/util/1-small.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data
Hash 30737574deb1bfc2fbe5ccb5ced7b656
12f02e651c9d3ac340c23aede3b2d9409194d6f5
711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29
GET /util/1-small.jpg HTTP/1.1
Host: wmt.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: image/jpeg
Content-Length: 62808
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-f558"
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 280 B IP
Hash e0ced33c0c97874575c1cd4e4f12ee59
68e0cb63405cba8f2fb314c0ddaa197f46d8be13
f1bea5b32a59408eaf74496ccd521884c13b7951ed0d41d8417329fd915743b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2835
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Etag: "638cdaa7-117"
Last-Modified: Tue, 06 Dec 2022 04:19:42 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 280
we-meet-today.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670299200
200 OK 15 kB URL HTTP/1.1 we-meet-today.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670299200
IP
File type ASCII text, with very long lines (31982), with no line terminators
Hash fa0aab52ef98d8afdec138472f123558
6d3aa7ae31861ca6f2b6e5b335b938af32477a64
35f36473d8b392430b25d2937d1995dc8e59b8b1586605edb1d217704ef57281
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670299200 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=14400, public
content-encoding: gzip
x-control-type-options: nosniff
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS%2B08r7pkbRHqmi02sb%2FXq2%2FzQ8dqlVv19BVabYp77MF3xv2wzULvSnsFJj1NOYzxsRtkg7kWW5nuQPGJ3vmWkuD0lHJq61SUj%2FruLM2HHy%2FQKmGncCePx9EyiqZyAL5ob5BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec3aa84b509-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
200 OK 972 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
IP
Hash ca8606d41791853476269c722023f375
0a22c883be2b08113a8e337a76eb22abee984d61
b7d97362e2c487afbf609a0f5d7b667f0137ced87982d6474b2bc76967e4e50f
GET /css2?family=Montserrat:wght@600&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 05:06:57 GMT
date: Tue, 06 Dec 2022 05:06:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 561349
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 02:08:35 GMT
expires: Mon, 04 Dec 2023 02:08:35 GMT
cache-control: public, max-age=31536000
age: 183502
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
we-meet-today.com/fav/wmt/video/tt/02/1.mp4
206 Partial Content 535 kB URL HTTP/1.1 we-meet-today.com/fav/wmt/video/tt/02/1.mp4
IP
Size 535 kB (535149 bytes)
Hash 9661af330c35af96f6c02aa673022efc
4514bc6236adc5c7f348722a38a8731f438a022e
84e620763ffead6632afa49fd9ff52420cf68b384a8c5fa2be2e2470f44e3c86
Analyzer Verdict Alert fortinet Phishing
GET /fav/wmt/video/tt/02/1.mp4 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49
HTTP/1.1 206 Partial Content
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: video/mp4
Content-Length: 465914
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: "62da8515-71bfa"
Expires: Wed, 06 Dec 2023 05:06:57 GMT
Cache-Control: max-age=31536000
Content-Range: bytes 0-465913/465914
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8D2jJBh0ROoRPO2OQo%2F2xEszSlqtW0tdUV0uftAr9KRT%2FQT%2B155Fv1CWXU3YP8pV4jsDmofh0ksGMQRCKx3Me0ZhyOmw7MHYqK4Mi0GSVJBRPFjuonAspLlX8FLnqbhxRdPjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec3ba93b509-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 1.8 kB IP
Hash b350a618fc1bfd0750a04490e5e7e20e
f5e8e71dca62fc2a2f4472b63ee2cb98a4674463
7d66561e611d05c66252d350e1b0cfea6006687eeaeab876bbc089864537cec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2835
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Last-Modified: Tue, 06 Dec 2022 04:19:42 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP
File type ASCII text, with very long lines (1921)
Hash 0f460affee2819f1bf076d8574806d28
0ddbc2d366a7f3b572edbb0f6e6cc6f70b3a342f
86a3b2750bda6d255498823bcaa8b1456dc2fa8329951dbc58c035f654534093
GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 05:06:57 GMT
expires: Tue, 06 Dec 2022 05:06:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D1omfebm58lblp%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D224161%2526c1%253Darb%257C957%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1670303213931&t_i=1670303214301&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=1omfebm58lblp&fpid_sa=1670303214301&fpid=&feid_sa=1&sid_sa=1&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22224161%22%2C%22page_id%22%3A%2200a59fd09d88470d4d9e033fec6ec0d1%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.349&cb=gl.cb.pv
301 Moved Permanently 162 B URL HTTP/1.1 wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D1omfebm58lblp%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D224161%2526c1%253Darb%257C957%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1670303213931&t_i=1670303214301&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=1omfebm58lblp&fpid_sa=1670303214301&fpid=&feid_sa=1&sid_sa=1&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22224161%22%2C%22page_id%22%3A%2200a59fd09d88470d4d9e033fec6ec0d1%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.349&cb=gl.cb.pv
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D1omfebm58lblp%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D224161%2526c1%253Darb%257C957%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1670303213931&t_i=1670303214301&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=1omfebm58lblp&fpid_sa=1670303214301&fpid=&feid_sa=1&sid_sa=1&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22224161%22%2C%22page_id%22%3A%2200a59fd09d88470d4d9e033fec6ec0d1%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.349&cb=gl.cb.pv HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D1omfebm58lblp%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D224161%2526c1%253Darb%257C957%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1670303213931&t_i=1670303214301&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=1omfebm58lblp&fpid_sa=1670303214301&fpid=&feid_sa=1&sid_sa=1&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%22224161%22%2C%22page_id%22%3A%2200a59fd09d88470d4d9e033fec6ec0d1%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.349&cb=gl.cb.pv
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BcpK5W%2BxEPBpNvAh9VNsQiZLN%2BsQkfQLs972v%2B5fZbmFbum6lcmMqYqFUmU582g9Ho177WLr2pMMRLrGetrAasTSx6X8Fz9zFH4VfdHYt1kSu4OaRtNoSEO%2FAfNLg78mUE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec5587a1c12-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14680
Expires: Tue, 06 Dec 2022 09:11:37 GMT
Date: Tue, 06 Dec 2022 05:06:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 3479
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP
Hash 1ba2794f0f7dd2b29159959320fd42bd
8e73fa295266b44f59b5bc53cafb7febe3c85e39
3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c
GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 05:06:57 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
we-meet-today.com/favicon.ico
200 OK 546 B URL HTTP/1.1 we-meet-today.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2c50c27d15b9c17455956dd1092d04bb
aefadffd73aa16b667e82fb27411ec9f1a244ee0
0fb2aaf625eca930aa700f54bb18e8c523c8f2bac8a90bc3199111755801e804
GET /favicon.ico HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=1omfebm58lblp&sub2=&sub8=&sub7=61&source=224161&c1=arb|957|
Cookie: hashid=008e770d09c5f7774985599acee6209d; country=Norway; region=Oslo+County; country_code=no; city=Oslo; latitude=59.955; longitude=10.859; tour=02; sub1=1omfebm58lblp; sub7=61; source=224161; affiliate_id=13989; st=1670303216; push_v2=49; _ga_C27SH5W4XN=GS1.1.1670303214.1.0.1670303214.0.0.0; _ga=GA1.1.508861373.1670303215; fpid=; fpid_sa=1670303214301; feid=924e2704d2482a4a2e2408d3e96f4d00; sid=1a1473e89f53f52406919c69a86f05db; feid_sa=1; sid_sa=1; utm=%7B%22ads_type%22%3A%22%22%7D; st_d=%7B%7D; _ga_Q7W6GLM2DR=GS1.1.1670303214.1.0.1670303214.60.0.0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:06:57 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 11:08:05 GMT
ETag: W/"62da8515-47e"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rToMBTA8iDkao5A6PjVx8XTq1MzalFfqrLKgkB8IoL0E86mCQ0Lf%2F8Z1zraghAaGy1tw4Co2YJY2OaNf3bt5E%2BPq2LYzl%2FRUB97h5Xb2zUYVh7Be3FyRChzqZ9EGlyj3ZOuFgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ec69be2b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=508861373.1670303215>m=2oebu0&aip=1&z=824679793
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=508861373.1670303215>m=2oebu0&aip=1&z=824679793
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=508861373.1670303215>m=2oebu0&aip=1&z=824679793 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:06:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Last-Modified: Tue, 06 Dec 2022 03:22:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN>m=2oebu0&_p=355322061&cid=508861373.1670303215&ul=en-us&sr=1280x1024&_s=1&sid=1670303214&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D1omfebm58lblp%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D224161%26c1%3Darb%7C957%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN>m=2oebu0&_p=355322061&cid=508861373.1670303215&ul=en-us&sr=1280x1024&_s=1&sid=1670303214&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D1omfebm58lblp%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D224161%26c1%3Darb%7C957%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C27SH5W4XN>m=2oebu0&_p=355322061&cid=508861373.1670303215&ul=en-us&sr=1280x1024&_s=1&sid=1670303214&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D1omfebm58lblp%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D224161%26c1%3Darb%7C957%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Tue, 06 Dec 2022 05:06:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 410908bfa79d9b1942dfd81517bf762e
d8ab6124c59161d828d3490c89126aa96bdbd2b9
800844fd287a3bb1c4cf083aae07eef29f119c360e6cf625713b47495dce45ee
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165074
Date: Tue, 06 Dec 2022 05:06:58 GMT
Etag: "638eadaf-1d7"
Expires: Thu, 08 Dec 2022 02:58:12 GMT
Last-Modified: Tue, 06 Dec 2022 02:49:19 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _CZwrNxUbGDfrxVPbGKQdgeW0rBqT6A-60dSMCiA9pb805AcCC9Ycw==
Age: 533
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8E2fgxUP0o0igAQK8aQbAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BfbwIv65RdkqpF3vZc+CJbxX1zI=
my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D1omfebm58lblp%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D224161%26c1%3Darb%7C957%7C
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D1omfebm58lblp%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D224161%26c1%3Darb%7C957%7C
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D1omfebm58lblp%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D224161%26c1%3Darb%7C957%7C HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 05:06:58 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5c4766d517c243f38fedff912a5681d1; expires=Wed, 06 Dec 2023 05:06:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=508861373.1670303215>m=2oebu0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=508861373.1670303215>m=2oebu0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=508861373.1670303215>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Tue, 06 Dec 2022 05:06:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:06:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
botd.fpapi.io/api/v1/detect?version=0.1.23
401 Unauthorized 69 B URL HTTP/2 botd.fpapi.io/api/v1/detect?version=0.1.23
IP
Hash 32ba2944a9fb9f71e7edc24a56593f3d
52b5da6230916b04a19d6f712ef247513831038c
e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9
POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Content-Type: text/plain
Origin: http://we-meet-today.com
Content-Length: 21538
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
date: Tue, 06 Dec 2022 05:06:58 GMT
content-type: application/octet-stream
content-length: 69
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://we-meet-today.com
X-Firefox-Spdy: h2
wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&u_adb=0&t_op=1.211&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1670303214301&fpid=&feid_sa=2&sid_sa=2&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&vn=S-2.8.3&s_rst=0&xfeid=a620568344e72b568b4224cee3be31d3&st_d=%7B%7D
301 Moved Permanently 162 B URL HTTP/1.1 wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&u_adb=0&t_op=1.211&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1670303214301&fpid=&feid_sa=2&sid_sa=2&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&vn=S-2.8.3&s_rst=0&xfeid=a620568344e72b568b4224cee3be31d3&st_d=%7B%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
POST /t/event/v4?e_t=btd_err&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&u_adb=0&t_op=1.211&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1670303214301&fpid=&feid_sa=2&sid_sa=2&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&vn=S-2.8.3&s_rst=0&xfeid=a620568344e72b568b4224cee3be31d3&st_d=%7B%7D HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 05:06:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=253eef5d-a903-4f50-a35f-90b70f226b97&u_adb=0&t_op=1.211&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1670303214301&fpid=&feid_sa=2&sid_sa=2&feid=924e2704d2482a4a2e2408d3e96f4d00&sid=1a1473e89f53f52406919c69a86f05db&vn=S-2.8.3&s_rst=0&xfeid=a620568344e72b568b4224cee3be31d3&st_d=%7B%7D
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txFaAU%2F6r6dLBXHBKiDGTu53yRaPooqGr%2BcJK6fMIGtNMFHshudZrQ87XD5UCixr9EcqvcYDZd%2BPnAQZQ%2F9OcEn3ES1Xx%2F08h4rKLLbFn%2BTl3iIP4OzjHg7qjSMUGcmgjDs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77527ecaba891c12-OSL
alt-svc: h2=":443"; ma=60
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&RedC=c.clarity.ms&MXFR=268E3865E86461A327952A17EC646FF0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=268E3865E86461A327952A17EC646FF0; domain=.clarity.ms; expires=Sun, 31-Dec-2023 05:06:58 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 06 Dec 2022 05:06:58 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&RedC=c.clarity.ms&MXFR=268E3865E86461A327952A17EC646FF0
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&RedC=c.clarity.ms&MXFR=268E3865E86461A327952A17EC646FF0
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&RedC=c.clarity.ms&MXFR=268E3865E86461A327952A17EC646FF0 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&MUID=2866D74C8CA76E9A1180C53E8D526F1C
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2866D74C8CA76E9A1180C53E8D526F1C; domain=c.bing.com; expires=Sun, 31-Dec-2023 05:06:58 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE948921F83D42ADAC06108F5FF73D87 Ref B: OSL30EDGE0214 Ref C: 2022-12-06T05:06:58Z
date: Tue, 06 Dec 2022 05:06:58 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&MUID=2866D74C8CA76E9A1180C53E8D526F1C
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&MUID=2866D74C8CA76E9A1180C53E8D526F1C
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=D7FBF0CFE7064570AA858E786EFA0136&MUID=2866D74C8CA76E9A1180C53E8D526F1C HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 06-Dec-2022 05:16:58 GMT; path=/; SameSite=None; Secure;
date: Tue, 06 Dec 2022 05:06:58 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1077
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
date: Tue, 06 Dec 2022 05:06:58 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 59 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash f74cccb981cfa74c19b2262d8da8f50f
0592c5b57216d1b8a7ceb0887252d29c7a75f830
dbdbe486ee9a8403d4fc13cd79023f9ca1c40292b76c838ff15f1aa5c71326d5
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 519
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
date: Tue, 06 Dec 2022 05:06:58 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4408
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 05:06:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4408
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 05:06:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4408
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 05:06:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
age: 26393
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4408
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 05:06:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 26308
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0mv3_bOi4kymDF7KB35kOjvgE9egGYnCMAXLGIse_PJE8bBMGLxdqw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:07:10 GMT
age: 3589
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
age: 26704
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:49 GMT
age: 26290
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 26298
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 05:06:57 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1091
expires: Fri, 09 Dec 2022 05:06:57 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77527ec24d28b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
wemeettoday.com/ascripts/gcu-2.8.3.js
200 OK 0 B URL HTTP/2 wemeettoday.com/ascripts/gcu-2.8.3.js
IP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ascripts/gcu-2.8.3.js HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 05:06:57 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 07:04:10 GMT
etag: W/"61fa2cea-1737c"
expires: Tue, 06 Dec 2022 07:11:35 GMT
cache-control: max-age=86400, public
x-77-nzt: AblMCgG5Hcv/SjQBAA
x-77-nzt-ray: 382b0f194dee1470f1cd8e6346d71913
x-cache: HIT
x-age: 78922
x-77-pop: amsterdamNL
x-77-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zpbq2o9jtXs87DTy7ho4ehGzvPZVqOcvLYbTBcNUH0aUPgs9Pc87%2B80cwB0vMTTT%2BCkBtUE3gZWXp6eMfSowXPDcCVHTEzgeZ7A%2BrllACvWBuZopMltfByNVUXmwT8KytcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77527ec3bb3fb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato&display=swap?82
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato&display=swap?82
IP
GET /css?family=Lato&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 05:06:57 GMT
date: Tue, 06 Dec 2022 05:06:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b81462be7cf44991b458d47641c06348.20221206.20231206; expires=Wed, 06 Dec 2023 05:06:57 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 08c2OYwAAAAAvpQr5gP1DR7K/j+XwAAKIU1ZHMjBFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 06 Dec 2022 05:06:57 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 06x+OYwAAAAAwT6LeiIEhRbO2vCXeRfjQQU1TMDRFREdFMTgxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 08c2OYwAAAAB0JKpeoKc7RqOoom7/BNrcU1ZHMjBFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 06 Dec 2022 05:06:57 GMT
X-Firefox-Spdy: h2
104.21.80.226
216.239.34.36
95.101.11.115
104.21.80.226
93.184.220.29
31.220.24.141