Report - kektds.com/d3YgJGPB

Report Overview

URL

kektds.com/d3YgJGPB
IP

104.21.13.140

ASN

#13335 CLOUDFLARENET
Submitted

2023-01-28T22:01:19Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
www.clarity.ms (2)	1404	2018-08-22T09:41:57Z	2023-03-13T05:09:16Z	762	34620	13.107.238.53
c.bing.com (1)	247	2012-05-22T12:26:32Z	2023-03-13T05:09:17Z	473	795	204.79.197.200
wemeettoday.com (1)	unknown	2020-12-29T09:41:40Z	2023-03-13T05:44:02Z	361	31219	172.67.170.116
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2373	35.241.9.150
icalendar.datingtopgirls.com (1)	260095	2022-06-02T09:08:49Z	2023-03-13T07:53:59Z	378	2432	31.220.24.141
fonts.googleapis.com (2)	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	822	15259	142.250.74.106
wmtn2.datingtopgirls.com (2)	unknown	2022-06-25T08:18:18Z	2023-03-13T07:53:59Z	810	111859	31.220.24.141
r3.o.lencr.org (11)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3718	39576	23.36.76.226
we-meet-today.com (12)	unknown	2022-05-24T09:34:05Z	2023-03-13T06:03:48Z	8312	52898	172.67.154.135
www.googleoptimize.com (1)	1604	2019-07-16T12:17:19Z	2023-03-13T07:14:58Z	386	47939	142.250.74.174
d.clarity.ms (2)	2285	2021-07-27T14:49:08Z	2023-03-13T08:31:00Z	917	572	40.76.174.66
ocsp.digicert.com (3)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1023	1562	93.184.220.29
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	35.164.56.167
region1.google-analytics.com (1)	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	854	968	216.239.32.36
stats.g.doubleclick.net (1)	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	487	448	173.194.221.157
kektds.com (1)	271713	2021-11-26T12:30:02Z	2023-03-13T07:58:03Z	350	1418	188.114.96.1
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
ocsp.pki.goog (10)	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3458	7020	142.250.74.131
c.clarity.ms (2)	803	2021-02-04T00:22:47Z	2023-03-13T05:09:17Z	847	1185	20.234.93.27
cdn.onesignal.com (1)	3015	2015-04-22T15:41:50Z	2023-03-13T08:35:13Z	375	553	104.18.226.52
img-getpocket.cdn.mozilla.net (4)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2164	39618	34.120.237.76
www.googletagmanager.com (2)	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	782	136090	142.250.74.168
my.rtmark.net (2)	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	1083	1906	139.45.195.8
www.google.no (1)	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	483	578	142.250.74.131
botd.fpapi.io (1)	297160	2021-06-11T12:56:14Z	2023-03-13T05:12:42Z	460	515	18.210.159.190

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	icalendar.datingtopgirls.com/icalendar.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (69)

URL IP Response Size

kektds.com/d3YgJGPB

188.114.96.1

302 Found

URL HTTP/1.1

kektds.com/d3YgJGPB
IP

188.114.96.1:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /d3YgJGPB HTTP/1.1
Host: kektds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 302 Found
Date: Sat, 28 Jan 2023 22:01:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sat, 28 Jan 2023 22:01:08 GMT
Location: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Pragma: no-cache
Set-Cookie: _subid=s8hnpa5s7pvt;Expires=Tuesday, 28-Feb-2023 22:01:08 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa5s7pvt_s8hnpa5s7pvt63d59b24dbd6a3.41530708;Expires=Tuesday, 28-Feb-2023 22:01:08 GMT;Max-Age=2678400;Path=/
bdeee=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU5N1wiOjE2NzQ5NDMyNjh9LFwiY2FtcGFpZ25zXCI6e1wiMjgxXCI6MTY3NDk0MzI2OH0sXCJ0aW1lXCI6MTY3NDk0MzI2OH0ifQ.W2S6pkT3pkdp3_BVOL6sHVwLpPKKSROBJWGJqLjn5xg;Expires=Wednesday, 26-Feb-2076 20:02:16 GMT;Max-Age=1675029668;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifTgFZdux2XW3dTTzFb8JvHOynWhrbkvjLBJhcxmbj6rHsluZE3SL9iX5Uw8nzZD1Err%2FYjyjAAJzcZeD5diGubMxJq8lhxzm5jkhpJQmg40BrvUI8dcicJP%2B5M0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790d01462b640b3d-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

a2104f935c638b4767ca5ae0d738ef23

85c6af15af749be0ceeae6de17c36925b750f166

5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2388
Expires: Sat, 28 Jan 2023 22:40:57 GMT
Date: Sat, 28 Jan 2023 22:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3eb88dea4fe00db1182370e72683c3ab

ca520abf1e91bfd2aef40c6a1270a911071e8922

d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3172
Expires: Sat, 28 Jan 2023 22:54:01 GMT
Date: Sat, 28 Jan 2023 22:01:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

dcd75ca6daca51c5e39d431468511793

07f76d3bf23d65c9110d810fa71a994e39e085d3

73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 21:43:06 GMT
content-type: application/json
age: 1083
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

302c7548412192add063ad6c8b99cf3b

e5d178931a27db036ce8daae302594d3ff7050b8

fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Sat, 28 Jan 2023 23:53:04 GMT
Date: Sat, 28 Jan 2023 22:01:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: ZLyvVkknx6fk8H7ePP3EAFWDX0KL5E2HdtSGPqBidjeZ4SxNKHXqiATHOO6S5RvScZVEDvdFr+4=
x-amz-request-id: EX5G4TJQ3WFS42BG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 21:21:07 GMT
age: 2402
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

6d6843824579354d87daf9513d7ff724

eafe4dfd26d61eb233b12b8e08cb10b19e24b779

b3be06a82bc71511d0cb30df0d22472e5647d52bd2ccc73a51f9224595935180

HTTP Headers

                                        POST /s/gts1p5/7Tzmy3KXVaQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/7Tzmy3KXVaQ
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

6d6843824579354d87daf9513d7ff724

eafe4dfd26d61eb233b12b8e08cb10b19e24b779

b3be06a82bc71511d0cb30df0d22472e5647d52bd2ccc73a51f9224595935180

HTTP Headers

                                        POST /s/gts1p5/7Tzmy3KXVaQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/fav/wmt/img/tt/01/user-1.jpg

172.67.154.135

200 OK

3430

URL HTTP/2

we-meet-today.com/fav/wmt/img/tt/01/user-1.jpg
IP

172.67.154.135:0
ASN

#13335 CLOUDFLARENET

Magic

JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data

Size

3430
Hash

e25421fcd356f9ad3925d5acb670d448

73d3da0ca8a41a87ab5940b62b46205250973c47

925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73

HTTP Headers

                                        GET /fav/wmt/img/tt/01/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Cookie: hashid=e43eb278b93b53930a39e1964e147596; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=01; sub1=s8hnpa5s7pvt; sub7=61; source=59761; affiliate_id=13989; st=1674943269
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: image/jpeg
content-length: 3430
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: "62735d67-d66"
expires: Sun, 28 Jan 2024 22:01:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gRMC5HYzXqp3uHyc87kJegyrNMLVkp6dtEBzecMlOC5ZjxnDOPesBhFsrz8FfIoXhXDN7B%2F%2FA8O%2BzYO86qakyAQvuVoW9no3DCg87qapvW6i7ypwwDxEGXzeL4wgqrhAOo9iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790d014af84e0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/css/tt/01/app.css?85

172.67.154.135

200 OK

4605

URL HTTP/2

we-meet-today.com/fav/wmt/css/tt/01/app.css?85
IP

172.67.154.135:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

4605
Hash

5911bc0ba6d5db25ba12394cdc36c60d

72cdc97e18102186b341d20e0aa30a6b1cf7478e

07f43ef8b6307d72b3d8c5b834eae315570fed7bf480cdfe7e861bfec368219e

HTTP Headers

                                        GET /fav/wmt/css/tt/01/app.css?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Cookie: hashid=e43eb278b93b53930a39e1964e147596; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=01; sub1=s8hnpa5s7pvt; sub7=61; source=59761; affiliate_id=13989; st=1674943269
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: W/"62735d67-52c1"
expires: Sun, 28 Jan 2024 22:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dadsgq7qSNUGY88AsbREUaKkZ9iiB%2FCxuVb3i9KaCY4rs7PNEZjMmDtGu%2BZ9VnmIuR9jsR7TPfuiQqsJMqabqKcE%2FzZB2jiLtgjxWLmLRX5gYuOJERFhbH1ShKWA3j0fZa48ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790d014af8450b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/img/tt/01/logo.svg

172.67.154.135

200 OK

4209

URL HTTP/2

we-meet-today.com/fav/wmt/img/tt/01/logo.svg
IP

172.67.154.135:0
ASN

#13335 CLOUDFLARENET

Magic

SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (890)

Size

4209
Hash

d57c31dd48f783a4a391e7dbae0e2bb3

15bcab52197bd4153c0a22b7e0a4492d5c3345d5

d708b20b548dd7cadc91d85e09279b551d58f2e1b74854be882d48d79acf487c

HTTP Headers

                                        GET /fav/wmt/img/tt/01/logo.svg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Cookie: hashid=e43eb278b93b53930a39e1964e147596; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=01; sub1=s8hnpa5s7pvt; sub7=61; source=59761; affiliate_id=13989; st=1674943269
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: image/svg+xml
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: W/"62735d67-2006"
expires: Sun, 28 Jan 2024 22:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqHFf1tqONWSx7FTuoMyYyCdYKmqCG260KavMA89zqaN03fiZ5Sb3r0vapvkK5fJHL5MpYhwROaKtnICNasO2JyaExqugtwDMel7BFMt0HIDHPjmUtlZSyzs4UTmLBftdIYZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790d014af8470b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

0ff416ac543aaaa44a5b9e4a8cf6391a

38ea57c399593b918e9ac48e5a7382ec5a907970

95ae8aad94ce5b868189b0437fc029fa74435d765fbee494279b23ff7c80e679

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95AE8AAD94CE5B868189B0437FC029FA74435D765FBEE494279B23FF7C80E679"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3726
Expires: Sat, 28 Jan 2023 23:03:15 GMT
Date: Sat, 28 Jan 2023 22:01:09 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

bab8a4c1e6bb2e6c9cc00222eef1235d

1a5dd108e9f9aaf33bc048b0097a9f510d295cad

fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

0ff416ac543aaaa44a5b9e4a8cf6391a

38ea57c399593b918e9ac48e5a7382ec5a907970

95ae8aad94ce5b868189b0437fc029fa74435d765fbee494279b23ff7c80e679

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95AE8AAD94CE5B868189B0437FC029FA74435D765FBEE494279B23FF7C80E679"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3726
Expires: Sat, 28 Jan 2023 23:03:15 GMT
Date: Sat, 28 Jan 2023 22:01:09 GMT
Connection: keep-alive

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

2171

URL HTTP/1.1

icalendar.datingtopgirls.com/icalendar.js
IP

31.220.24.141:0
ASN

#39572 DataWeb Global Group B.V.

Magic

ASCII text

Size

2171
Hash

ee5ff51b385e058b2c9877d81f9d5d65

352f9c19bf07dec79a78e07481d8ae94e717cd87

d1ba9d269e7826b85e539634b6f57cded11b472b3b839f6994409acb9e35319a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 28 Jan 2023 22:01:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 30 Dec 2022 14:40:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63aef87a-1d8c"
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN

142.250.74.168

200 OK

77197

URL HTTP/2

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP

142.250.74.168:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (19467)

Size

77197
Hash

ddab1c0102d893fb090d512729be2af7

70e7efa1949400624dc25eb5656682b5fc266df4

37497a117658bd22d95a6fbb262730f97d5c04af1a8cc58f4a4ede745e7b6c08

HTTP Headers

                                        GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 22:01:09 GMT
expires: Sat, 28 Jan 2023 22:01:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato&display=swap?85

142.250.74.106

200 OK

799

URL HTTP/2

fonts.googleapis.com/css?family=Lato&display=swap?85
IP

142.250.74.106:0
ASN

#15169 GOOGLE

Magic

data

Size

799
Hash

3b8da75dd43c921a79aa9904b8b6e181

e7bd168769559cf0049f48375cb5b00a47506897

fe4b57b66adf00cdce3f270dd839685bc2a941b5988968f6bdfe788a34a56bb8

HTTP Headers

                                        GET /css?family=Lato&display=swap?85 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 22:01:09 GMT
date: Sat, 28 Jan 2023 22:01:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wmtn2.datingtopgirls.com/util/101-main-small.jpg

31.220.24.141

200 OK

39973

URL HTTP/1.1

wmtn2.datingtopgirls.com/util/101-main-small.jpg
IP

31.220.24.141:0
ASN

#39572 DataWeb Global Group B.V.

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data

Size

39973
Hash

829475a66341c77e9b1b6de4df9d2068

5ffc8d0478e3977b9d9ceb97c78c42022ee2eff6

1d4039fb9c371683d23a96bab55be6b1e84fe4411d23e69492f1ad741f413d6f

HTTP Headers

                                        GET /util/101-main-small.jpg HTTP/1.1
Host: wmtn2.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 28 Jan 2023 22:01:09 GMT
Content-Type: image/jpeg
Content-Length: 39973
Last-Modified: Wed, 02 Jun 2021 14:48:38 GMT
Connection: keep-alive
ETag: "60b79a46-9c25"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

bab8a4c1e6bb2e6c9cc00222eef1235d

1a5dd108e9f9aaf33bc048b0097a9f510d295cad

fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wmtn2.datingtopgirls.com/util/101-main-big.jpg

31.220.24.141

200 OK

71405

URL HTTP/1.1

wmtn2.datingtopgirls.com/util/101-main-big.jpg
IP

31.220.24.141:0
ASN

#39572 DataWeb Global Group B.V.

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 375x281, components 3\012- data

Size

71405
Hash

678b078397918f81c17fc5e985ddc84e

5daf578de0255e1951964a40e4031b3d35b501c5

f125f8acd033c69d7cd469de7f3b7e28409ea97d0d220de8fc60ecccbcf3da13

HTTP Headers

                                        GET /util/101-main-big.jpg HTTP/1.1
Host: wmtn2.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 28 Jan 2023 22:01:09 GMT
Content-Type: image/jpeg
Content-Length: 71405
Last-Modified: Wed, 02 Jun 2021 14:48:40 GMT
Connection: keep-alive
ETag: "60b79a48-116ed"
Accept-Ranges: bytes

www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX

142.250.74.168

200 OK

57645

URL HTTP/2

www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX
IP

142.250.74.168:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (2985)

Size

57645
Hash

e14b3cd6afbce0ed550ab0c968c9c6d8

e41cd45e45bd8c7092ac546a4f2a093673b80682

513d40bd7637e6565bde64ab67166731cdf10062c123a757ae8dad871a12b17f

HTTP Headers

                                        GET /gtm.js?id=GTM-T76Q9QX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 22:01:09 GMT
expires: Sat, 28 Jan 2023 22:01:09 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

a6dc6f73b2690002d290968d8655ab65

4796048a67bb148290dda04013d70f7a6454ee46

9a30a208c4692b234b609637a5b494421ecbfc8318766878fbca2cf9b99fecc7

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:09 GMT
Server: ECS (amb/6B83)
Content-Length: 278

we-meet-today.com/js/notify.js?85

172.67.154.135

200 OK

1462

URL HTTP/2

we-meet-today.com/js/notify.js?85
IP

172.67.154.135:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

1462
Hash

412a2d0e3a173b68a69ca57c696eb90e

030c505f5bcd972d8f0bc9c0a9ad0209d4193521

670d149b404b7e281288b5d47b1ab7dce92e137f770863d84a051c3f896be365

HTTP Headers

                                        GET /js/notify.js?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Cookie: hashid=e43eb278b93b53930a39e1964e147596; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=01; sub1=s8hnpa5s7pvt; sub7=61; source=59761; affiliate_id=13989; st=1674943269
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 10:59:32 GMT
etag: W/"63ad7314-b3e"
expires: Sun, 28 Jan 2024 22:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMu6zdKEjhd6lLrpQBvwFuZoPtAXb92G8IGvQydu9CPutZVB7qnd3ex6fqWWsGVHcH32cgl%2BnrROwXtf0bxsCMeRr7QIvSgLpv7KE4k3qS9%2FLldl%2BUNm8loe0Q0eyowEeckpHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790d014b18680b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

8cf65fcdafa84b63cf7005fe57927fcb

3f7d163a96e7f00eb2de9828624ec46e22b4b40a

dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/fav/wmt/js/sektor.js?85

172.67.154.135

200 OK

25046

URL HTTP/2

we-meet-today.com/fav/wmt/js/sektor.js?85
IP

172.67.154.135:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

25046
Hash

502bcb80274fe62704ffa1b4bbc7a003

519ae9c4f89efec6b1c517bb13f12123367c295d

309079e5285aa18c117f1b6e8d49cf5c61a9f1d94c336fbfcf3bd74ba5df6423

HTTP Headers

                                        GET /fav/wmt/js/sektor.js?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Cookie: hashid=e43eb278b93b53930a39e1964e147596; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=01; sub1=s8hnpa5s7pvt; sub7=61; source=59761; affiliate_id=13989; st=1674943269
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: application/javascript
last-modified: Thu, 05 May 2022 05:15:19 GMT
etag: W/"62735d67-116b"
expires: Sun, 28 Jan 2024 22:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5YUU7Bl7gr50cElvW%2B%2BpVq2wGx3zosBPla8IB2g%2BrBNfMQFLz4FmZm5A1qe7HdFwXJJUUnsBIZH5H6AHaoN31enD9kTkPUowXjVFeC9kKPkTxuoWlMrLT8CjRxbybXkjwAElA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790d014b18660b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?85

142.250.74.106

200 OK

13200

URL HTTP/2

fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?85
IP

142.250.74.106:0
ASN

#15169 GOOGLE

Magic

data

Size

13200
Hash

e2a7f0aef66e77c07405db866ba634b4

a15382c7430ec29533942fa04a199cf6fc1b293b

95fd61bba4498cc03dea3b3c1cc4f23b89f10c7bc2b13e7e838359a9200b9cda

HTTP Headers

                                        GET /css2?family=Montserrat:wght@600&display=swap?85 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 22:01:09 GMT
date: Sat, 28 Jan 2023 22:01:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 21:49:03 GMT
age: 727
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

8cf65fcdafa84b63cf7005fe57927fcb

3f7d163a96e7f00eb2de9828624ec46e22b4b40a

dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/fav/wmt/js/tt/01/app.js?85

172.67.154.135

200 OK

3291

URL HTTP/2

we-meet-today.com/fav/wmt/js/tt/01/app.js?85
IP

172.67.154.135:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text

Size

3291
Hash

076a020cb208985c5c54a70285335016

a45608170cfb83db09ba9bf6c3d0ec500d2e3a2e

e6b6a4a2b72cf98479c884e104dc8e912d91e346f1e125d723d7502e2c9ce443

HTTP Headers

                                        GET /fav/wmt/js/tt/01/app.js?85 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/tt/01?affiliate_id=13989&sub1=s8hnpa5s7pvt&sub2=&sub8=&sub7=61&source=59761&c1=arb%7C281%7C
Cookie: hashid=e43eb278b93b53930a39e1964e147596; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=01; sub1=s8hnpa5s7pvt; sub7=61; source=59761; affiliate_id=13989; st=1674943269
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 28 Jan 2023 22:01:09 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 09:45:37 GMT
etag: W/"6368d3c1-2418"
expires: Sun, 28 Jan 2024 22:01:09 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD1BYMSIeWWhYNi5cZ%2BoHWq3U3U4MTDe0RCVrq3RrIDN6DWO5ixTuaRkA2hrHewdK74KpEZFfaYTNHVgD%2FVn17iQ8FMFLH6%2BDg4dEGuoac9ltN8UNjjv2dTkEtpUKTfRxhANFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790d014b18670b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

a6dc6f73b2690002d290968d8655ab65

4796048a67bb148290dda04013d70f7a6454ee46

9a30a208c4692b234b609637a5b494421ecbfc8318766878fbca2cf9b99fecc7

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:10 GMT
Last-Modified: Sat, 28 Jan 2023 22:01:09 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

a6dc6f73b2690002d290968d8655ab65

4796048a67bb148290dda04013d70f7a6454ee46

9a30a208c4692b234b609637a5b494421ecbfc8318766878fbca2cf9b99fecc7

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156931
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:10 GMT
Etag: "63d55d29-116"
Expires: Mon, 30 Jan 2023 17:36:41 GMT
Last-Modified: Sat, 28 Jan 2023 17:36:41 GMT
Server: nginx
Content-Length: 278

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM

142.250.74.174

200 OK

47338

URL HTTP/2

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP

142.250.74.174:0
ASN

#15169 GOOGLE

Magic

Unicode text, UTF-8 text, with very long lines (11323)

Size

47338
Hash

648ddf8c50c9cade230e6c3c140254c3

2ca8e8171a18787e7cd928d1973f4f499fdf073e

7349f6dab69d88f6c235142e397d216a2aa9eb7f60beca9ef0cb8bdf602e83de

HTTP Headers

                                        GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 22:01:10 GMT
expires: Sat, 28 Jan 2023 22:01:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

ab744f1fbf03bf793085117f6691a062

f26ee7a876fee3e80c2521374a4c527d55b17e83

fc5b8cb6f5bd7396921cac6bf1bbd6cb41715cdcd19527ae5310e59eafd07928

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5B8CB6F5BD7396921CAC6BF1BBD6CB41715CDCD19527AE5310E59EAFD07928"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7708
Expires: Sun, 29 Jan 2023 00:09:38 GMT
Date: Sat, 28 Jan 2023 22:01:10 GMT
Connection: keep-alive

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc

139.45.195.8

200 OK

697

URL HTTP/2

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP

139.45.195.8:0
ASN

#9002 RETN Limited

Magic

ASCII text

Size

697
Hash

1ba2794f0f7dd2b29159959320fd42bd

8e73fa295266b44f59b5bc53cafb7febe3c85e39

3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c

HTTP Headers

                                        GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 22:01:10 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.164.56.167

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

35.164.56.167:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uitdjSvLQLe/EBnv1079aA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KOEfyTHGRJ68siSjmGyJ99s4+zw=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

b7da7d1d3e5880d5d4e313ac7fcf2a83

60a1e887ccb7c7cdae0035c65ef7df9908547fef

af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=875274394.1674943275&gtm=2oe1p0&aip=1&z=1429309699

142.250.74.131

200 OK

URL HTTP/2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=875274394.1674943275&gtm=2oe1p0&aip=1&z=1429309699
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

GIF image data, version 89a, 1 x 1\012- data

Size

42
Hash

d89746888da2d9510b64a9f031eaecd5

d5fceb6532643d0d84ffe09c40c481ecdf59e15a

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

                                        GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=875274394.1674943275&gtm=2oe1p0&aip=1&z=1429309699 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 22:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

b7da7d1d3e5880d5d4e313ac7fcf2a83

60a1e887ccb7c7cdae0035c65ef7df9908547fef

af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe1p0&_p=2023550244&cid=875274394.1674943275&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674943274&sct=1&seg=0&dl=https%3A%2F%2Fwe-meet-today.com%2Ftt%2F01%3Faffiliate_id%3D13989%26sub1%3Ds8hnpa5s7pvt%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D59761%26c1%3Darb%257C281%257C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90

216.239.32.36

204 No Content

520

URL HTTP/2

region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe1p0&_p=2023550244&cid=875274394.1674943275&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674943274&sct=1&seg=0&dl=https%3A%2F%2Fwe-meet-today.com%2Ftt%2F01%3Faffiliate_id%3D13989%26sub1%3Ds8hnpa5s7pvt%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D59761%26c1%3Darb%257C281%257C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP

216.239.32.36:0
ASN

#15169 GOOGLE

Magic

data

Size

520
Hash

10a596a86b9d23669893d61032266044

8e5cd0454f4a61f36dba1e41833ed5e2e2fd97c1

eb0f8780dcb297764eb2cbaf06847c1c7af06e27aeecbbe547e1d4165d2cd030

HTTP Headers

                                        POST /g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe1p0&_p=2023550244&cid=875274394.1674943275&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674943274&sct=1&seg=0&dl=https%3A%2F%2Fwe-meet-today.com%2Ftt%2F01%3Faffiliate_id%3D13989%26sub1%3Ds8hnpa5s7pvt%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D59761%26c1%3Darb%257C281%257C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                        HTTP/2 204 No Content
access-control-allow-origin: https://we-meet-today.com
date: Sat, 28 Jan 2023 22:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.clarity.ms/eus/s/0.7.1/clarity.js

United States MICROSOFT-CORP-MSN-AS-BLOCK

13.107.238.53

200 OK

19478

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

#1 JS:Script (size: 2878)

#2 JS:Script (size: 676)

#3 JS:Script (size: 289928)

#4 JS:Script (size: 56734)

#5 JS:Script (size: 9240)

#6 JS:Script (size: 381)

#7 JS:Script (size: 220126)

#8 JS:Script (size: 1013)

#9 JS:Script (size: 4459)

#10 JS:Script (size: 2776)

#11 JS:Script (size: 33)

#12 JS:Script (size: 1751)

#13 JS:Script (size: 3654)

#14 JS:Script (size: 256)

#15 JS:Script (size: 86841)

#16 JS:Script (size: 898)

#17 JS:Script (size: 9138)

#18 JS:Script (size: 159182)

#19 JS:Script (size: 133362)

#20 JS:Script (size: 65)

#21 JS:Script (size: 864)

#22 JS:Script (size: 23618)

#23 JS:Script (size: 244)

#24 JS:Script (size: 231760)

#25 JS:Script (size: 697)

#26 JS:Script (size: 181)

#27 JS:Script (size: 1527)

#28 JS:Script (size: 74304)

#29 JS:Script (size: 12500)

#30 JS:Script (size: 7564)

#31 JS:Script (size: 684)

#32 JS:Script (size: 100)

HTTP Transactions (69)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP