Report - kektds.com/rgx5m9WC

Report Overview

URL

kektds.com/rgx5m9WC
IP

188.114.97.1

ASN

#13335 CLOUDFLARENET
Submitted

2023-02-07T04:08:05Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
we-meet-today.com (12)	unknown	2022-05-24T09:34:05Z	2023-03-13T06:03:48Z	8312	90187	188.114.97.1
icalendar.datingtopgirls.com (1)	260095	2022-06-02T09:08:49Z	2023-03-13T07:53:59Z	378	2432	31.220.24.141
cdn.onesignal.com (1)	3015	2015-04-22T15:41:50Z	2023-03-13T08:35:13Z	375	26999	104.18.226.52
www.googleoptimize.com (1)	1604	2019-07-16T12:17:19Z	2023-03-13T07:14:58Z	386	48835	142.250.74.78
my.rtmark.net (2)	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	1083	1906	139.45.195.8
fonts.googleapis.com (2)	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	822	1260	142.250.74.74
c.clarity.ms (2)	803	2021-02-04T00:22:47Z	2023-03-13T05:09:17Z	847	1185	20.234.93.27
c.bing.com (1)	247	2012-05-22T12:26:32Z	2023-03-13T05:09:17Z	473	795	13.107.21.200
kektds.com (1)	271713	2021-11-26T12:30:02Z	2023-03-13T07:58:03Z	664	1467	188.114.97.1
r3.o.lencr.org (13)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4394	11526	23.36.76.226
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
ocsp.digicert.com (4)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1364	2352	93.184.220.29
region1.google-analytics.com (1)	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	854	448	216.239.34.36
stats.g.doubleclick.net (1)	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	489	448	64.233.161.155
www.googletagmanager.com (1)	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	385	77691	142.250.74.40
wmtn2.datingtopgirls.com (2)	unknown	2022-06-25T08:18:18Z	2023-03-13T07:53:59Z	810	111859	31.220.24.141
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350	1004	54.230.245.118
wemeettoday.com (1)	unknown	2020-12-29T09:41:40Z	2023-03-13T05:44:02Z	375	25350	172.67.170.116
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2372	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
ocsp.pki.goog (12)	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4144	8416	142.250.74.131
fonts.gstatic.com (1)	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	508	13533	216.58.207.227
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	34.216.86.11
www.google.no (1)	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	484	578	142.250.74.163
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2704	53492	34.120.237.76
d.clarity.ms (3)	2285	2021-07-27T14:49:08Z	2023-03-13T08:31:00Z	1385	858	40.76.174.66

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-07	medium	icalendar.datingtopgirls.com/icalendar.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (74)

URL IP Response Size

kektds.com/rgx5m9WC

188.114.97.1

302 Found

URL HTTP/1.1

kektds.com/rgx5m9WC
IP

188.114.97.1:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /rgx5m9WC HTTP/1.1
Host: kektds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _subid=s8hnpa5u8p59; _token=uuid_s8hnpa5u8p59_s8hnpa5u8p5963e1c06565a6f5.68337324; bdeee=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4NDFcIjoxNjc1NzM5MjM3fSxcImNhbXBhaWduc1wiOntcIjg2XCI6MTY3NTczOTIzN30sXCJ0aW1lXCI6MTY3NTczOTIzN30ifQ.x8Xq0iK_hk0bM1hOpwyUOjRQyNIpKuM2mjiqjGBjluk
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 302 Found
Date: Tue, 07 Feb 2023 04:07:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Tue, 07 Feb 2023 04:07:54 GMT
Location: https://we-meet-today.com/tt/02?affiliate_id=13989&sub1=s8hnpa5u93ec&sub2=&sub8=&sub7=61&source=60261&c1=arb%7C283%7C
Pragma: no-cache
Set-Cookie: _subid=s8hnpa5u93ec;Expires=Friday, 10-Mar-2023 04:07:54 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa5u93ec_s8hnpa5u93ec63e1ce9aa4c8c0.41859930;Expires=Friday, 10-Mar-2023 04:07:54 GMT;Max-Age=2678400;Path=/
bdeee=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4NDFcIjoxNjc1NzM5MjM3LFwiNjAyXCI6MTY3NTc0Mjg3NH0sXCJjYW1wYWlnbnNcIjp7XCI4NlwiOjE2NzU3MzkyMzcsXCIyODNcIjoxNjc1NzQyODc0fSxcInRpbWVcIjoxNjc1NzM5MjM3fSJ9.DfQVcpDxUXdXO1SzRhqFAUNWKqlY9pnpfJYC3jFhQls;Expires=Monday, 16-Mar-2076 08:15:48 GMT;Max-Age=1675829274;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuEgQCeUMdlWTUWCrqzROr%2Bm%2Fwac9gYcAYZSqw9q4ukPErAkjwWApN8Xjak9d94hz3IONcsgSGt0gdrJwHcsQGxhui7TH%2FgZXc%2FKEzJSRuMJC8iE9ku51rtvtChe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 795942e64e51b50c-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

c21ba65e44ac95470c314e068e49a9eb

17a13b13738993d889d4afa3d848dc63bf6eba64

9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2435
Expires: Tue, 07 Feb 2023 04:48:29 GMT
Date: Tue, 07 Feb 2023 04:07:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dca68db7aea32f6683ce8d542c078f04

19c495238df74fca680e21f18627ff94de5dd2e5

35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13534
Expires: Tue, 07 Feb 2023 07:53:28 GMT
Date: Tue, 07 Feb 2023 04:07:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

ff250d3ef3fa45322bf05039a0122a9f

b3e7a2c383bce1bab807dbe1a03c375258b51f1d

d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 03:36:30 GMT
content-type: application/json
age: 1884
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cc14b0d2f7c451f6431dc87ba54d1d60

bab8bfda6fa3e2f17125353f5147211787dc25d0

b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10033
Expires: Tue, 07 Feb 2023 06:55:07 GMT
Date: Tue, 07 Feb 2023 04:07:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

e76071a28ee566dababb3834f46d68ed

aebb4e68c1ba2de0f90025283e8ed8470944fde0

78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: B0eXZxCmvyZd8nEcew4IdP695ZsmpP1DtPuo2UT0TPFtdgJ6TNb3gK5LUWn5M02I+vlvSFP+smU=
x-amz-request-id: S0J16XZWTH6KC15E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 03:35:22 GMT
age: 1952
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 04:07:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

67f729bdd46b9fa3d1152b80b0415560

826812924efae0c9447ae8bb5de52889420a442c

abf079d823d85b2e4794fb4ff7d319beec0e108c8f281bec8931d09068031ab3

HTTP Headers

                                        POST /s/gts1p5/7Tzmy3KXVaQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 04:07:20 GMT
age: 35
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

8f9a9867305bc98f9360976427de7184

fe0fc3752f706da64bf149fc40eedaca91db38fe

bec33a50d1f79e754786727c174ae6b37d2e8c7911c093d142b19dc0ae25c548

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1238
Cache-Control: max-age=101259
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Etag: "63e0b250-117"
Expires: Wed, 08 Feb 2023 08:15:34 GMT
Last-Modified: Mon, 06 Feb 2023 07:54:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg

188.114.97.1

200 OK

3430

URL HTTP/2

we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
IP

188.114.97.1:0
ASN

#13335 CLOUDFLARENET

Magic

JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data

Size

3430
Hash

e25421fcd356f9ad3925d5acb670d448

73d3da0ca8a41a87ab5940b62b46205250973c47

925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73

HTTP Headers

                                        GET /fav/wmt/img/tt/02/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/02?affiliate_id=13989&sub1=s8hnpa5u93ec&sub2=&sub8=&sub7=61&source=60261&c1=arb%7C283%7C
Cookie: hashid=c15854e2c0ff3e97297d66363ca1d7ff; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=s8hnpa5u93ec; sub7=61; source=60261; affiliate_id=13989; st=1675742875
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 07 Feb 2023 04:07:55 GMT
content-type: image/jpeg
content-length: 3430
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: "62735d67-d66"
expires: Wed, 07 Feb 2024 04:07:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HASaxBif%2FG2uSjtQs8%2Fnt8I88BZvF8FyzxraBEPF2tYeKIqzE2V3KE%2Bw6UEHsaVL6MjEB15K4Z5g5wCm5s%2BBODHnljcyQUWQlYzKMnDfTUwicGRZMug3HzA95cl%2BEfJ853KgWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795942ea6d8cb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/css/tt/02/app.css?85

188.114.97.1

200 OK

4607

URL HTTP/2

we-meet-today.com/fav/wmt/css/tt/02/app.css?85
IP

188.114.97.1:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

4607
Hash

8b51a87155e0510c46ff2ba7990e8da0

d2b315008df8b419717daa599249c2e954e47eba

09f6e579154b5a3b06976023ce13b88070c25158d5c0ef3c5223057706cfe0f4

HTTP Headers

                                        GET /fav/wmt/css/tt/02/app.css?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/02?affiliate_id=13989&sub1=s8hnpa5u93ec&sub2=&sub8=&sub7=61&source=60261&c1=arb%7C283%7C
Cookie: hashid=c15854e2c0ff3e97297d66363ca1d7ff; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=s8hnpa5u93ec; sub7=61; source=60261; affiliate_id=13989; st=1675742875
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 07 Feb 2023 04:07:55 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: W/"62735d67-52c2"
expires: Wed, 07 Feb 2024 04:07:55 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYbiiDI9Ul9Zxam66s6QfKGz%2FbqYZT6tGl6Vp3RHQ5lmRs4O4Hdb5nGifyOoHl95mZ3adF8cY0Wnft8K7d3gqdmVjO0AcwJvvOhjrVfrPIi2MR%2BRIrgT6pAFHeFZJiKr9Gg2MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795942ea5d88b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

70d7e4cd91d9f630c160410d22c1cede

82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85

b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

ad2d72821808ee5f77c0598fed0f8bd1

adcd92881d1c5ac3cca4687dc6347369240f4726

c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

67f729bdd46b9fa3d1152b80b0415560

826812924efae0c9447ae8bb5de52889420a442c

abf079d823d85b2e4794fb4ff7d319beec0e108c8f281bec8931d09068031ab3

HTTP Headers

                                        POST /s/gts1p5/7Tzmy3KXVaQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN

142.250.74.40

200 OK

77090

URL HTTP/2

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP

142.250.74.40:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (19467)

Size

77090
Hash

0ad5caefd397bedc0bbacd45d31d2f18

7632dc0c3137b4953a4769b10c22e976c6e62fc0

6e01ed6325581821087cca3750340a486ee636c6f66c32b4acbd71c9fec89e10

HTTP Headers

                                        GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 04:07:55 GMT
expires: Tue, 07 Feb 2023 04:07:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

we-meet-today.com/js/notify.js?85

188.114.97.1

200 OK

1270

URL HTTP/2

we-meet-today.com/js/notify.js?85
IP

188.114.97.1:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

1270
Hash

642bebdfa9f190ecf6f6be1814a9385a

c1e3b057d415b9c115129aef577104d1f7afd387

7ecacac9a086da2d8dc3e930c33f5e59e938107d29f170fab22441bdc0979803

HTTP Headers

                                        GET /js/notify.js?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/02?affiliate_id=13989&sub1=s8hnpa5u93ec&sub2=&sub8=&sub7=61&source=60261&c1=arb%7C283%7C
Cookie: hashid=c15854e2c0ff3e97297d66363ca1d7ff; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=s8hnpa5u93ec; sub7=61; source=60261; affiliate_id=13989; st=1675742875
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 07 Feb 2023 04:07:55 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 10:59:32 GMT
etag: W/"63ad7314-b3e"
expires: Wed, 07 Feb 2024 04:07:55 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmjPE5NrolgXN6pFsmG6%2F8mz1WB%2FiZO5yP6%2FAqiKp7hp2niHDWdQWlMUvFT2jCnfROUNC28r2foVk0902R0u%2F0mLpOa%2B04mBnKl6HA0kuhA9xvoT36dyx3cFEn30OMZhvQClgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795942ea7d9bb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6f4cd4c6ed6c37b5ed016b976f0fb398

b86d4fbe10f05894fddec336cab9d999e3b958fe

a22854b00f044f598a832359f5dbbecc5293bd89e84d4d54a49a77cac04ed097

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A22854B00F044F598A832359F5DBBECC5293BD89E84D4D54A49A77CAC04ED097"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=657
Expires: Tue, 07 Feb 2023 04:18:52 GMT
Date: Tue, 07 Feb 2023 04:07:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6f4cd4c6ed6c37b5ed016b976f0fb398

b86d4fbe10f05894fddec336cab9d999e3b958fe

a22854b00f044f598a832359f5dbbecc5293bd89e84d4d54a49a77cac04ed097

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A22854B00F044F598A832359F5DBBECC5293BD89E84D4D54A49A77CAC04ED097"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4283
Expires: Tue, 07 Feb 2023 05:19:18 GMT
Date: Tue, 07 Feb 2023 04:07:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6f4cd4c6ed6c37b5ed016b976f0fb398

b86d4fbe10f05894fddec336cab9d999e3b958fe

a22854b00f044f598a832359f5dbbecc5293bd89e84d4d54a49a77cac04ed097

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A22854B00F044F598A832359F5DBBECC5293BD89E84D4D54A49A77CAC04ED097"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4297
Expires: Tue, 07 Feb 2023 05:19:32 GMT
Date: Tue, 07 Feb 2023 04:07:55 GMT
Connection: keep-alive

we-meet-today.com/fav/wmt/css/additional.css?85

188.114.97.1

200 OK

2532

URL HTTP/2

we-meet-today.com/fav/wmt/css/additional.css?85
IP

188.114.97.1:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

2532
Hash

cc8fc286f4c39ce002b3339ef8f006a3

203499f17a31f8fc5f7bbcb327d04a82b0931e25

642f4a8860b33c2a0641800316a2cb0c9e4ba97ca0824884a5181dd536127e1c

HTTP Headers

                                        GET /fav/wmt/css/additional.css?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/02?affiliate_id=13989&sub1=s8hnpa5u93ec&sub2=&sub8=&sub7=61&source=60261&c1=arb%7C283%7C
Cookie: hashid=c15854e2c0ff3e97297d66363ca1d7ff; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=s8hnpa5u93ec; sub7=61; source=60261; affiliate_id=13989; st=1675742875
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 07 Feb 2023 04:07:55 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: W/"62735d67-1bc8"
expires: Wed, 07 Feb 2024 04:07:55 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YH018%2BNxQUeDWsRXkyxVkhzyirwNd56Ij9qvxDSc31LyW0WEFCIOzZNvtGrw5Et%2FVfD8viNe4QmULkh3AvBywg04RtiY%2BMqrYgf8s5DYcpgx58Cbz3K3geJEO8cHUgWecBkvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795942ea5d89b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

70d7e4cd91d9f630c160410d22c1cede

82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85

b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

2171

URL HTTP/1.1

icalendar.datingtopgirls.com/icalendar.js
IP

31.220.24.141:0
ASN

#39572 DataWeb Global Group B.V.

Magic

ASCII text

Size

2171
Hash

ee5ff51b385e058b2c9877d81f9d5d65

352f9c19bf07dec79a78e07481d8ae94e717cd87

d1ba9d269e7826b85e539634b6f57cded11b472b3b839f6994409acb9e35319a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 Feb 2023 04:07:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 30 Dec 2022 14:40:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63aef87a-1d8c"
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

9b88bae61bca33aba8aa99f6128db8d9

a07b61fb2458917699613fcae68710941b595416

54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12545
Expires: Tue, 07 Feb 2023 07:37:00 GMT
Date: Tue, 07 Feb 2023 04:07:55 GMT
Connection: keep-alive

wmtn2.datingtopgirls.com/util/101-main-small.jpg

31.220.24.141

200 OK

39973

URL HTTP/1.1

wmtn2.datingtopgirls.com/util/101-main-small.jpg
IP

31.220.24.141:0
ASN

#39572 DataWeb Global Group B.V.

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data

Size

39973
Hash

829475a66341c77e9b1b6de4df9d2068

5ffc8d0478e3977b9d9ceb97c78c42022ee2eff6

1d4039fb9c371683d23a96bab55be6b1e84fe4411d23e69492f1ad741f413d6f

HTTP Headers

                                        GET /util/101-main-small.jpg HTTP/1.1
Host: wmtn2.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 Feb 2023 04:07:55 GMT
Content-Type: image/jpeg
Content-Length: 39973
Last-Modified: Wed, 02 Jun 2021 14:48:38 GMT
Connection: keep-alive
ETag: "60b79a46-9c25"
Accept-Ranges: bytes

wmtn2.datingtopgirls.com/util/101-main-big.jpg

31.220.24.141

200 OK

71405

URL HTTP/1.1

wmtn2.datingtopgirls.com/util/101-main-big.jpg
IP

31.220.24.141:0
ASN

#39572 DataWeb Global Group B.V.

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 375x281, components 3\012- data

Size

71405
Hash

678b078397918f81c17fc5e985ddc84e

5daf578de0255e1951964a40e4031b3d35b501c5

f125f8acd033c69d7cd469de7f3b7e28409ea97d0d220de8fc60ecccbcf3da13

HTTP Headers

                                        GET /util/101-main-big.jpg HTTP/1.1
Host: wmtn2.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 Feb 2023 04:07:55 GMT
Content-Type: image/jpeg
Content-Length: 71405
Last-Modified: Wed, 02 Jun 2021 14:48:40 GMT
Connection: keep-alive
ETag: "60b79a48-116ed"
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

280

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

280
Hash

09250fe3a39ad4827cfbc8bdd5b88259

0e32e1016d2fffa176670636aef9ea5d1e55c9d6

2c4131232f752f72768c8a66f2b41bf18a5532df3d8449a6c648682b900580b6

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134923
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Etag: "63e13aa6-118"
Expires: Wed, 08 Feb 2023 17:36:38 GMT
Last-Modified: Mon, 06 Feb 2023 17:36:38 GMT
Server: nginx
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0a8ea253ef61b5c330b3285f9a94e6ae

0cf9a1c66c83f505c7195774996b107c145f5884

8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0a8ea253ef61b5c330b3285f9a94e6ae

0cf9a1c66c83f505c7195774996b107c145f5884

8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

26446

URL HTTP/2

cdn.onesignal.com/sdks/OneSignalSDK.js
IP

104.18.226.52:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text, with very long lines (9097)

Size

26446
Hash

b93d9ff50aebeaa5d0aea9af897f486a

8efd00ffeb2fb28063ddbd00b4a79ac8aec320f2

4a01b9273a918e6ec8126f28a474e1d6e5c6577375b6bc9ce4442b77cc2e37f0

HTTP Headers

                                        GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 07 Feb 2023 04:07:55 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3046
expires: Fri, 10 Feb 2023 04:07:55 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 795942eabcf7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

216.58.207.227

200 OK

12700

URL HTTP/2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP

216.58.207.227:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data

Size

12700
Hash

e571167fbcce8d5081bce96a09930063

e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e

98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

HTTP Headers

                                        GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:55:53 GMT
expires: Fri, 02 Feb 2024 00:55:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
age: 443522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0a8ea253ef61b5c330b3285f9a94e6ae

0cf9a1c66c83f505c7195774996b107c145f5884

8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

280
Hash

09250fe3a39ad4827cfbc8bdd5b88259

0e32e1016d2fffa176670636aef9ea5d1e55c9d6

2c4131232f752f72768c8a66f2b41bf18a5532df3d8449a6c648682b900580b6

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=134923
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Etag: "63e13aa6-118"
Expires: Wed, 08 Feb 2023 17:36:38 GMT
Last-Modified: Mon, 06 Feb 2023 17:36:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

280
Hash

09250fe3a39ad4827cfbc8bdd5b88259

0e32e1016d2fffa176670636aef9ea5d1e55c9d6

2c4131232f752f72768c8a66f2b41bf18a5532df3d8449a6c648682b900580b6

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134923
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:55 GMT
Etag: "63e13aa6-118"
Expires: Wed, 08 Feb 2023 17:36:38 GMT
Last-Modified: Mon, 06 Feb 2023 17:36:38 GMT
Server: nginx
Content-Length: 280

push.services.mozilla.com/

34.216.86.11

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

34.216.86.11:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p2J8QBQ0wGLcvcOuXQqVGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AfKA4F9IAV/5oe4ndUgj6K+7+q8=

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM

142.250.74.78

200 OK

48234

URL HTTP/2

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP

142.250.74.78:0
ASN

#15169 GOOGLE

Magic

Unicode text, UTF-8 text, with very long lines (11323)

Size

48234
Hash

a075c71ddc811cf03f026c31c09f0ecc

a5d00cadee7a9389752345b0e738a42a360d80fc

6f1b26f15b938823b78b7517c7b2915b0d92360557b1dd6eebb99991bf4ef72a

HTTP Headers

                                        GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 04:07:55 GMT
expires: Tue, 07 Feb 2023 04:07:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

9c14e228f19415f2af825294ff401241

dabb4fa3c22980b27aa873fd8aa429366655c95e

df9ed274a8026ea08f348145695717b6f8a11fa8f3c14e60b30b4cd60f7e2fde

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF9ED274A8026EA08F348145695717B6F8A11FA8F3C14E60B30B4CD60F7E2FDE"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12691
Expires: Tue, 07 Feb 2023 07:39:26 GMT
Date: Tue, 07 Feb 2023 04:07:55 GMT
Connection: keep-alive

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc

139.45.195.8

200 OK

697

URL HTTP/2

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP

139.45.195.8:0
ASN

#9002 RETN Limited

Magic

ASCII text

Size

697
Hash

1ba2794f0f7dd2b29159959320fd42bd

8e73fa295266b44f59b5bc53cafb7febe3c85e39

3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c

HTTP Headers

                                        GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 04:07:55 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

2e90fb4abc4adea51d5da8fca3895c90

9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40

6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 04:07:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=875398484.1675742924&gtm=45je3210&aip=1&z=187190362

142.250.74.163

200 OK

URL HTTP/2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=875398484.1675742924&gtm=45je3210&aip=1&z=187190362
IP

142.250.74.163:0
ASN

#15169 GOOGLE

Magic

GIF image data, version 89a, 1 x 1\012- data

Size

42
Hash

d89746888da2d9510b64a9f031eaecd5

d5fceb6532643d0d84ffe09c40c481ecdf59e15a

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

                                        GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=875398484.1675742924&gtm=45je3210&aip=1&z=187190362 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 04:07:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

#1 JS:Script (size: 256)

#2 JS:Script (size: 2878)

#3 JS:Script (size: 9138)

#4 JS:Script (size: 3650)

#5 JS:Script (size: 898)

#6 JS:Script (size: 181)

#7 JS:Script (size: 159021)

#8 JS:Script (size: 289928)

#9 JS:Script (size: 381)

#10 JS:Script (size: 676)

#11 JS:Script (size: 7564)

#12 JS:Script (size: 684)

#13 JS:Script (size: 23618)

#14 JS:Script (size: 100)

#15 JS:Script (size: 33)

#16 JS:Script (size: 219736)

#17 JS:Script (size: 135344)

#18 JS:Script (size: 56734)

#19 JS:Script (size: 1013)

#20 JS:Script (size: 244)

#21 JS:Script (size: 1751)

#22 JS:Script (size: 2776)

#23 JS:Script (size: 9049)

#24 JS:Script (size: 0)

#25 JS:Script (size: 1527)

#26 JS:Script (size: 4459)

#27 JS:Script (size: 65)

#28 JS:Script (size: 12500)

#29 JS:Script (size: 74304)

#30 JS:Script (size: 231381)

#31 JS:Script (size: 697)

#32 JS:Script (size: 865)

HTTP Transactions (74)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP