Report - wemeettoday.com/tt/01

Report Overview

Submitted URL
wemeettoday.com/tt/01
IP
104.21.95.141
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-08 14:49:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	77 kB	142.250.74.40
www.googleoptimize.com	1604	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	48 kB	142.250.74.46
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	724 B	564 B	216.239.32.36
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	847 B	1.2 kB	20.234.93.27
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	764 B	1.2 kB	13.107.246.53
wemeettoday.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	3.2 kB	172.67.170.116
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	286 B	20.75.32.255
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	966 B	143.204.42.88
we-meet-today.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	521 B	2.7 kB	188.114.97.1
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	822 B	1.5 kB	142.250.74.106
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	496 B	104.18.226.52
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.8 kB	93.184.220.29
icalendar.datingtopgirls.com	260095	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	2.1 kB	31.220.24.141
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
botd.fpapi.io	297160	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	930 B	7.1 kB	3.215.11.173
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	960 B	1.9 kB	139.45.195.8
r.go2offer-1.com	877188	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	474 B	492 B	34.90.46.36
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	15 kB	142.250.74.131
wmtn2.datingtopgirls.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	40 kB	31.220.24.141
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	694 B	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	985 B	38 kB	142.250.74.35
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	487 B	564 B	108.177.14.156
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	473 B	795 B	204.79.197.200
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.1.70

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	wemeettoday.com/tt/01	Malware
2022-12-08	medium	icalendar.datingtopgirls.com/icalendar.js	Malware
2022-12-08	medium	wemeettoday.com/tt/01	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	wemeettoday.com	Sinkholed
2022-12-08	medium	wemeettoday.com	Sinkholed
2022-12-08	medium	wemeettoday.com	Sinkholed

JavaScript (31)

	URL	Size	First Seen	Last Seen
	we-meet-today.com/fav/wmt/js/tt/01/app.js?82	9.2 kB	2023-03-08	2023-03-25
Pretty URL we-meet-today.com/fav/wmt/js/tt/01/app.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:22 Last Seen2023-03-25 23:45:25 Times Seen7 Hash e84ff493ba75c20cc4025bc5b8a4bcb8 6285cd616cb8bee6cf0bbb6f17d6214829f72569 bbdb0a0a9b32865577a8302641ab1a947497154106990795f2471235fe6c58da Loading...

	we-meet-today.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670500800	39 kB	2023-03-08	2024-02-11
Pretty URL we-meet-today.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670500800 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:19 Last Seen2024-02-11 09:14:09 Times Seen1 Hash e090d914f92589ab8bb2a861390268e1 d7ee86f9880a1baedfd02c86e765c64235240c4f e7fd07358250adf8e5fcd6f22fc90145254169226bd789d8a5404f443203df26 Loading...

	www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c	230 kB	2023-03-08	2024-02-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:22 Last Seen2024-02-11 09:14:10 Times Seen1 Hash 9d786a9206d829a933172e0ad445a00c a94d4e1dd13eb5a497f625c350b93fd220c0567f 25972f83d2cf1b2df161ba302a70ae4c4efb8224fc173fdbebf036c7763288ce Loading...

	onesignal.com/api/v1/sync/9aa670f7-284e-4992-a65a-f76f7897c873/web?callback=__jp0	3.7 kB	2023-03-08	2024-02-11
Pretty URL onesignal.com/api/v1/sync/9aa670f7-284e-4992-a65a-f76f7897c873/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:22 Last Seen2024-02-11 09:14:10 Times Seen1 Hash 62e5e0c29848754bcb1f5934c6a7ba7e f637a36150a54e05b22166347e5e45f43ec7379b b448cf04a93bba12b906ce402fcf8d1c9ca5adfe0fb50dbb303b613a333520be Loading...

	we-meet-today.com/tt	181 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen124 Hash ff011f0cb72b358b522a578437cac65f 2538907faf1f40db704a2c4738dc1b41bef3bac1 0607af71e7799808b08043230410f0385ccb521197e0f1c0bb816966c71da696 Loading...

	www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN	218 kB	2023-03-08	2024-02-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:19 Last Seen2024-02-11 09:14:10 Times Seen1 Hash 3772bdb298ae1373cec32d225a1cbef8 1dfb4fa4fab0a98c871f312a76539063a7248fc8 66c61a14a11aacc4bb3d2ef8e5b38a640056664ece0f9d19fcee07326b96f711 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.226.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	we-meet-today.com/fav/wmt/js/sektor.js?82	4.5 kB	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/fav/wmt/js/sektor.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:25 Last Seen2024-02-02 00:56:36 Times Seen150 Hash ae2f31e58981cfe5f8aa90fc0a97e3a1 f90868a52df7cd9430c1b89a299dcdc0f230177f dccc44a5b344ec5e0f52d24a383bca3b15c632d3d168bfe4347432526fef2276 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc	697 B	2023-03-08	2024-02-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:15 Last Seen2024-02-25 15:06:23 Times Seen1042 Hash 1ba2794f0f7dd2b29159959320fd42bd 8e73fa295266b44f59b5bc53cafb7febe3c85e39 3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c Loading...

	we-meet-today.com/js/main.js?82	24 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/main.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:41 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 2cc8c012627c00ba257b84425b55e9e4 1fc7ad744f1eb3f195140dace57eecc62d2fd80f 4eed62e402335ca04f23bef09046e4c62acc16d67482e6089d114354b77dbbdf Loading...

	we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-21
Pretty URL we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-21 17:57:43 Times Seen12142 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	we-meet-today.com/tt	1.4 kB	2023-03-08	2024-02-11
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:22 Last Seen2024-02-11 09:14:10 Times Seen1 Hash a7887d9087465ab2fe75b6b9c2dde806 b57a066101acefccef2151481f505e9e6e773958 37265e55b55518aa997fecba4d80791ccbd7362692819692a9a3f95cc2f0fad9 Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	we-meet-today.com/tt	100 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen139 Hash 6657d5cb319244c6cf4c7378f47596e1 cb008f36db33ff73fa420f12425c18e65a3053ff 1bbc661e1e53aa8c4b872fba1e02a35e276b0a21bfe29d3c93a57257d6546aa6 Loading...

	we-meet-today.com/fav/wmt/js/general.js?82	2.8 kB	2023-03-08	2023-05-15
Pretty URL we-meet-today.com/fav/wmt/js/general.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:50 Last Seen2023-05-15 08:04:06 Times Seen121 Hash f73f7993e3110ae3494e4eaecf498c81 f7882f818c6f79a58faa143ee522261532b38f82 3bc4403c8df9e6055e17defe48845861a5cb320c5e7bdb8a76980b923b24d32a Loading...

	we-meet-today.com/js/notify.js?82	2.9 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/notify.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:25:21 Last Seen2023-03-17 12:47:52 Times Seen1 Hash a36984dbb2e2fc58ceed2df6de66fce3 43f4bbef2dd1fd000abf72336ccfb901d5b102d2 9a4a793d9d5fdb3d9c959cfb8aa98177439dcc67c1255520073fc2403692aa42 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX	158 kB	2023-03-08	2024-02-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:22 Last Seen2024-02-11 09:14:10 Times Seen1 Hash 396efd89c4c6b99625498fc3f727d58d 2448f7a39228feadcb80eff1737a36eecb6e12e5 19baab434d0d2e46a553514e441069a59e20145ec2f3c1ef5cce7fbf374cd5b3 Loading...

	www.clarity.ms/tag/bvsqia2v2y?ref=gtm	1.5 kB	2023-03-08	2023-03-11
Pretty URL www.clarity.ms/tag/bvsqia2v2y?ref=gtm IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:50 Last Seen2023-03-11 23:51:14 Times Seen1 Hash dcfc5816c927a99b16f352ddc45528e5 e562a95c6664e5b49f4ac76b624be0c6c0b3650e 4e7d75e140db87dc73f6d01330c9942fb86f1f7ecce1a8cebdb8ffa21e50d2fc Loading...

	we-meet-today.com/tt	269 B	2023-03-08	2024-02-11
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:22 Last Seen2024-02-11 09:14:11 Times Seen1 Hash 57573c58b049482d1082292aef522aaf 46388bca40dc28952fa2a05627d60e76b23ab8ac ce7cfc31e22b328c25d9ee5e6e2c6e95d48c667c6df2158435e703625488ea94 Loading...

	http:blank	580 B	2023-03-08	2024-02-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:22 Last Seen2024-02-11 09:14:11 Times Seen1 Hash b98dfa8d31f1416c10cd2ea79c3900bb 66dd9b21b99f101ed9ba7ef135f6d7592322c545 1efd1888d76236d73c3395c0453b9d9e2cfca49af71d590c2334ac57c2ec4407 Loading...

	www.clarity.ms/eus2/s/0.6.43/clarity.js	55 kB	2023-03-08	2023-10-23
Pretty URL www.clarity.ms/eus2/s/0.6.43/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-10-23 15:37:18 Times Seen9 Hash 441723b72633b1ac9757ad7c63168005 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 Loading...

	icalendar.datingtopgirls.com/icalendar.js	5.9 kB	2023-03-07	2023-03-17
Pretty URL icalendar.datingtopgirls.com/icalendar.js IP 31.220.24.141 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 1542e1c96753770e587968d803376c9a c49a24c38a498620e420951e65ddf65f46dda447 2887db4531172d1c88a4d6b55bda50c5f0dacb95918e2666129cda5d8ec98a8b Loading...

	we-meet-today.com/tt	1.0 kB	2023-03-08	2024-02-11
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:23 Last Seen2024-02-11 09:14:11 Times Seen1 Hash 73323f98af5856ab259e91d2bdbfda21 a39f043e0e119fcaff30ea6e8aa0b9d04517d3ff 2ef39f7a09cd4108f39e2ab5c932316a5c1fd69727fc7817f96000388d5d0f9c Loading...

	we-meet-today.com/tt	381 B	2023-03-07	2024-02-08
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-08 04:04:46 Times Seen482 Hash 2d63d2fc063a3b79517968ef422bfae2 3f5020fc07330429b607f808fc5373f5bede54a0 5c0085f5aec987d46f3ebd4a6ed616c806878b0a82cf6f8c926cb41925d637d1 Loading...

	we-meet-today.com/tt	244 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen123 Hash c2d7fd0076f5e94198e0b8df53b52f2f 6677090bec52a47a8a71b12f38df2a13acf30ed3 db5589938f906525089cad0aaf2d24848b46d1c3afa382c72a0e0cb15517bb4c Loading...

	we-meet-today.com/tt	352 B	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 38284d3542bae93edd9c02c50ab14d45 5ba94ebd6abb0532440d433b6df384007a38e60d 25dd4dfb5bfbf45b4dc7dab5cfa540a325ac31b5780766ff2919507786509260 Loading...

	we-meet-today.com/js/script.js?82	12 kB	2023-03-08	2023-03-26
Pretty URL we-meet-today.com/js/script.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:24:10 Last Seen2023-03-26 00:16:44 Times Seen8 Hash 6855532b091e028a339171c55834e4a3 8c2f4a43bd7fc25d532392105b8e830769b43a20 ea4e519e27a134a65801c8498d0f57c16f8bde82799f951fe59748f8f2eabfe2 Loading...

	we-meet-today.com/tt	520 B	2023-03-08	2024-02-11
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:23 Last Seen2024-02-11 09:14:11 Times Seen1 Hash 9939fd51034f7e76f58fab35def38eba d838b4285ceae5e260a9468fe1bfb3899c4a2819 7f9ccaa74096fb254d74f22e115de867de6b4efd2d70458f7ee95e1cbef62d66 Loading...

	we-meet-today.com/tt	33 B	2023-03-07	2023-10-16
Pretty URL we-meet-today.com/tt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:52 Last Seen2023-10-16 08:02:38 Times Seen117 Hash 8dbba962f13697f99ed698b6c7b8bff1 2780151745bf59ad74e28bac3be556a13d160596 798f3fd7c6503da88144be4e39f30d1c056b0cdff5deab0b2a752642f20f35f3 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 21:16:34 Times Seen37024757 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	wemeettoday.com/t/event/v4?e_t=pageview&url=https%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1670510932942&t_i=1670510933185&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=ee63cd33-f793-4532-bdfa-4caaa8d7d68f&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6391f955be63b900013aff1e&fpid_sa=1670510933185&fpid=&feid_sa=1&sid_sa=1&feid=8ebc0c0fbfc45020f98c7fde9216785b&sid=5226da41f6c5efcd6498d0e1dfa157c3&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%224bbb2a1caae66da44763ab546385c09f%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.323&cb=gl.cb.pv	65 B	2023-03-08	2024-02-11
Pretty URL wemeettoday.com/t/event/v4?e_t=pageview&url=https%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1670510932942&t_i=1670510933185&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=ee63cd33-f793-4532-bdfa-4caaa8d7d68f&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6391f955be63b900013aff1e&fpid_sa=1670510933185&fpid=&feid_sa=1&sid_sa=1&feid=8ebc0c0fbfc45020f98c7fde9216785b&sid=5226da41f6c5efcd6498d0e1dfa157c3&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%224bbb2a1caae66da44763ab546385c09f%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.323&cb=gl.cb.pv IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:17:23 Last Seen2024-02-11 09:14:11 Times Seen1 Hash 5246849e16289507414a5edcd3f20a0b dc1edee76023db8bea30f9094bafb6e05b066f1d 3ae4583e93bbc0879eeea1a7ef81aa24383951969c6536c8532ac9447b79d21b Loading...

HTTP Transactions (69)

URL IP Response Size

wemeettoday.com/tt/01

172.67.170.116

301 Moved Permanently

162 B

URL HTTP/1.1
wemeettoday.com/tt/01
IP
172.67.170.116:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /tt/01 HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 14:48:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/tt/01
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsDL8HLT9m7Cg9cB%2BwvWa7F8TgVOgaF%2FEFA5q9l%2B8gmsYnCmyYYX2ugwTHLEmDgVQoyZBKtHR%2B8e%2B4tiNClkh7KIemIrlSzTHV5f9FVFgGx7iVEHbGcBpR9qkLJPU8fvs6Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77664defead3b4ff-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15825
Expires: Thu, 08 Dec 2022 19:12:37 GMT
Date: Thu, 08 Dec 2022 14:48:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2566
Expires: Thu, 08 Dec 2022 15:31:38 GMT
Date: Thu, 08 Dec 2022 14:48:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3173
Expires: Thu, 08 Dec 2022 15:41:45 GMT
Date: Thu, 08 Dec 2022 14:48:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 14:08:13 GMT
content-type: application/json
age: 2439
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xL5F0KNIpgXn+KW6Dxnx7jpSOKdCV8TXc7p9SRITYojJP3SPqmvFKmx9CY6FXabJHZU2qnxjxE0=
x-amz-request-id: BVYQ5XTHP21W18FZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 13:49:48 GMT
age: 3544
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
b45498aa1d784afd246e8ff555b08950
f07b2596b5f408047ef1f3d489bf81ef4b96eea5
6f8bad8fbe867443d2af858a07a768d4cceafa08575f91dd0bf5c9a1ef598d23

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4415
Cache-Control: max-age=100881
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:52 GMT
Etag: "6390cf26-118"
Expires: Fri, 09 Dec 2022 18:50:13 GMT
Last-Modified: Wed, 07 Dec 2022 17:36:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 14:48:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
b45498aa1d784afd246e8ff555b08950
f07b2596b5f408047ef1f3d489bf81ef4b96eea5
6f8bad8fbe867443d2af858a07a768d4cceafa08575f91dd0bf5c9a1ef598d23

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4415
Cache-Control: max-age=100881
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:52 GMT
Etag: "6390cf26-118"
Expires: Fri, 09 Dec 2022 18:50:13 GMT
Last-Modified: Wed, 07 Dec 2022 17:36:38 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 14:07:55 GMT
age: 2458
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
eae8c7032843fe1469d105bdc7db530c
7d2806c801de5cd36560faf4d4085db8652f319f
46b9f4024756287c86091e9490c18e31aca2db98db099fd51d0947c3049b5e69

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 14:48:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 01:32:31 GMT
Expires: Wed, 14 Dec 2022 01:32:30 GMT
Etag: "7d2806c801de5cd36560faf4d4085db8652f319f"
Cache-Control: max-age=470016,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77664df3cb8eb4e8-OSL

r.go2offer-1.com/click?offer_id=2476&pid=1698

34.90.46.36

302 Found

0 B

URL HTTP/2
r.go2offer-1.com/click?offer_id=2476&pid=1698
IP
34.90.46.36:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?offer_id=2476&pid=1698 HTTP/1.1
Host: r.go2offer-1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 14:48:53 GMT
content-length: 0
location: https://we-meet-today.com/?sub1=6391f955be63b900013aff1e&sub2=&affiliate_id=1698&source=&mst=2&sub3=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6391f955be63b900013aff1e; expires=Fri, 08 Dec 2023 14:48:53 GMT; secure; SameSite=None
afoffers={"2476":1670510933}; expires=Fri, 08 Dec 2023 14:48:53 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2789
Cache-Control: max-age=155068
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:53:21 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d92174fe10c38e9e8626debf0a250103
c46863f7483ff836899d2141fb6d9372ae4ac5f5
9b700a52f3350ac055037714dcad015fd6e041050974f80a0e58065e516d71f4

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9B700A52F3350AC055037714DCAD015FD6E041050974F80A0E58065E516D71F4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17821
Expires: Thu, 08 Dec 2022 19:45:54 GMT
Date: Thu, 08 Dec 2022 14:48:53 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d92174fe10c38e9e8626debf0a250103
c46863f7483ff836899d2141fb6d9372ae4ac5f5
9b700a52f3350ac055037714dcad015fd6e041050974f80a0e58065e516d71f4

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9B700A52F3350AC055037714DCAD015FD6E041050974F80A0E58065E516D71F4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17821
Expires: Thu, 08 Dec 2022 19:45:54 GMT
Date: Thu, 08 Dec 2022 14:48:53 GMT
Connection: keep-alive

push.services.mozilla.com/

35.165.1.70

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.1.70:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XUm2P60Nvlvqejavg1B7PQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QRrso3Y8lvwFcExM2nmXgMiWuuM=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
11a302ea55f351609774e40b083661c4
5c074e0b4452e7552afab1a482b8bf78dc815734
87285f2e9f489d221a8ba05d334deafe15206990565ea6c3f87d8104e9ad6190

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1044
Cache-Control: max-age=149032
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Etag: "63919869-117"
Expires: Sat, 10 Dec 2022 08:12:45 GMT
Last-Modified: Thu, 08 Dec 2022 07:55:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb6ca978063e92b066843ba43e384186
c72802fb016122326f79fd48e827f2f407c420e4
7303ab9e866fe79a790a98db5002c0e443da546e33a759373da4c861aa9934f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7303AB9E866FE79A790A98DB5002C0E443DA546E33A759373DA4C861AA9934F8"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2080
Expires: Thu, 08 Dec 2022 15:23:33 GMT
Date: Thu, 08 Dec 2022 14:48:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb6ca978063e92b066843ba43e384186
c72802fb016122326f79fd48e827f2f407c420e4
7303ab9e866fe79a790a98db5002c0e443da546e33a759373da4c861aa9934f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7303AB9E866FE79A790A98DB5002C0E443DA546E33A759373DA4C861AA9934F8"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2080
Expires: Thu, 08 Dec 2022 15:23:33 GMT
Date: Thu, 08 Dec 2022 14:48:53 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
11a302ea55f351609774e40b083661c4
5c074e0b4452e7552afab1a482b8bf78dc815734
87285f2e9f489d221a8ba05d334deafe15206990565ea6c3f87d8104e9ad6190

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1246
Cache-Control: max-age=149234
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Etag: "63919869-117"
Expires: Sat, 10 Dec 2022 08:16:07 GMT
Last-Modified: Thu, 08 Dec 2022 07:55:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

1.8 kB

URL HTTP/1.1
icalendar.datingtopgirls.com/icalendar.js
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text
Size
1.8 kB (1796 bytes)
Hash
d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 08 Dec 2022 14:48:53 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 08:43:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6307364a-173d"
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN

142.250.74.40

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (20080)
Size
76 kB (76333 bytes)
Hash
901f2668933596077ed133f090329fbd
9a4626a367c1817fec402b4dfa0f026f22ce7cb4
cf803067b6128a0509f153a2c5184aabdfb4a723d53ea21948bde52485af88e7

HTTP Headers

GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 14:48:53 GMT
expires: Thu, 08 Dec 2022 14:48:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

wmtn2.datingtopgirls.com/util/101-main-small.jpg

31.220.24.141

200 OK

40 kB

URL HTTP/1.1
wmtn2.datingtopgirls.com/util/101-main-small.jpg
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data
Size
40 kB (39973 bytes)
Hash
829475a66341c77e9b1b6de4df9d2068
5ffc8d0478e3977b9d9ceb97c78c42022ee2eff6
1d4039fb9c371683d23a96bab55be6b1e84fe4411d23e69492f1ad741f413d6f

HTTP Headers

GET /util/101-main-small.jpg HTTP/1.1
Host: wmtn2.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 08 Dec 2022 14:48:53 GMT
Content-Type: image/jpeg
Content-Length: 39973
Last-Modified: Wed, 02 Jun 2021 14:48:38 GMT
Connection: keep-alive
ETag: "60b79a46-9c25"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
b45498aa1d784afd246e8ff555b08950
f07b2596b5f408047ef1f3d489bf81ef4b96eea5
6f8bad8fbe867443d2af858a07a768d4cceafa08575f91dd0bf5c9a1ef598d23

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4416
Cache-Control: max-age=100881
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Etag: "6390cf26-118"
Expires: Fri, 09 Dec 2022 18:50:14 GMT
Last-Modified: Wed, 07 Dec 2022 17:36:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

1.9 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
1.9 kB (1938 bytes)
Hash
20d57ba277defd02d1ae491536b6d647
81cdd140248b871065b6557969cbf89d63a9a77e
50db6b99e806955b196e5dccc0ebe326736e0b5f3058c468ab84ef172e6fcf37

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:08 GMT
expires: Wed, 06 Dec 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 164265
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

142.250.74.35

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Size
13 kB (12700 bytes)
Hash
e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 02:08:35 GMT
expires: Mon, 04 Dec 2023 02:08:35 GMT
cache-control: public, max-age=31536000
age: 391218
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

5.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
5.1 kB (5137 bytes)
Hash
a91c4b6282e8f0ccf4612a87485c0387
e1bac54198441a22d0ba0f9a5d14e675169102dc
6085995057a96fcac8647a6b8093d9108e8d8ad5acfe4c9974a7a2b187b18b4c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM

142.250.74.46

200 OK

47 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2407)
Size
47 kB (47011 bytes)
Hash
84754c4b72c22c4f78792f3cbc68145f
feaa3b31bc000a88ba85c52662dee9df64ec6615
729e3f7df1e57c6b1d10eabd6b48d4a13cd57ee45a6ba9dedaa5bccc0ef4bf87

HTTP Headers

GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 14:48:54 GMT
expires: Thu, 08 Dec 2022 14:48:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
1ba2794f0f7dd2b29159959320fd42bd
8e73fa295266b44f59b5bc53cafb7febe3c85e39
3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c

HTTP Headers

GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 14:48:54 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=484508988.1670510933&gtm=2oebu0&aip=1&z=1945522678

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=484508988.1670510933&gtm=2oebu0&aip=1&z=1945522678
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=484508988.1670510933&gtm=2oebu0&aip=1&z=1945522678 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 14:48:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ca0e25495c2ec812a8701f7d06a43117
02e9f787effddc4c6e73ecc9c8a470fefc1e57da
ffe65919f2faf790839c5c96f0a3076fd07b74d839014f02a6c4799d0523f7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 14:48:54 GMT
Etag: "639150b1-1d7"
Last-Modified: Thu, 08 Dec 2022 14:20:19 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FPlssO3QLIvUFwSkYDp3YaXxulw6zWl2C_GpqrCnv_fozpfzpJGDdQ==
Age: 1715

region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oebu0&_p=472267314&cid=484508988.1670510933&ul=en-us&sr=1280x1024&_s=1&sid=1670510933&sct=1&seg=0&dl=https%3A%2F%2Fwe-meet-today.com%2Ftt&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oebu0&_p=472267314&cid=484508988.1670510933&ul=en-us&sr=1280x1024&_s=1&sid=1670510933&sct=1&seg=0&dl=https%3A%2F%2Fwe-meet-today.com%2Ftt&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oebu0&_p=472267314&cid=484508988.1670510933&ul=en-us&sr=1280x1024&_s=1&sid=1670510933&sct=1&seg=0&dl=https%3A%2F%2Fwe-meet-today.com%2Ftt&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://we-meet-today.com
date: Thu, 08 Dec 2022 14:48:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fwe-meet-today.com%2Ftt

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fwe-meet-today.com%2Ftt
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fwe-meet-today.com%2Ftt HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 14:48:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b3e50542924d4e1a95789a8c6c1e30e5; expires=Fri, 08 Dec 2023 14:48:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

botd.fpapi.io/api/v1/detect?version=0.1.23

3.215.11.173

200 OK

4.2 kB

URL HTTP/2
botd.fpapi.io/api/v1/detect?version=0.1.23
IP
3.215.11.173:0
ASN
#14618 AMAZON-AES

File type
data
Size
4.2 kB (4178 bytes)
Hash
dba2e6b5f98696c01ae42a1f34d5afa4
78fbb2cff89cf590f59b5f5c58a04351ec1383ad
25d836f3570ec8f7347db594a7273387573c39bd2063edd4e558b7695ca03adf

HTTP Headers

POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we-meet-today.com/
Content-Type: text/plain
Origin: https://we-meet-today.com
Content-Length: 22342
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:48:54 GMT
content-type: application/octet-stream
content-length: 44
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://we-meet-today.com
x-amzn-trace-id: Root=1-6391f956-143939f621dc3b5161bb3341
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=795B94A6452149769218E662555199A5&RedC=c.clarity.ms&MXFR=1C0E81487B2A6E5513BA933C7F2A60E3
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=1C0E81487B2A6E5513BA933C7F2A60E3; domain=.clarity.ms; expires=Tue, 02-Jan-2024 14:48:54 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 08 Dec 2022 14:48:54 GMT
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 14:48:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 14:48:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 14:48:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 54935
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7801 bytes)
Hash
8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 55939
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 59252
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 21646
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

botd.fpapi.io/api/v1/verify

3.215.11.173

200 OK

1.9 kB

URL HTTP/2
botd.fpapi.io/api/v1/verify
IP
3.215.11.173:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.9 kB (1878 bytes)
Hash
94c852ff54923056c3166373627edf77
d4a56aaf6075640571cd406b14de6d78fff9c426
3fffc8286657b3e30e75cc0d8b572205c2c86835f83c9be569d0030a2ec6910e

HTTP Headers

POST /api/v1/verify HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we-meet-today.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://we-meet-today.com
Content-Length: 81
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:48:54 GMT
content-type: application/json; charset=utf-8
content-length: 326
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://we-meet-today.com
x-amzn-trace-id: Root=1-6391f956-44b3f15c3ab162080310b035
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7609 bytes)
Hash
0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EmQGdW6eDQGTNSY5o0bGb7rS5i9FBeV29pEQMPui8P9XOpgZHW8leA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:58:23 GMT
age: 60631
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7268 bytes)
Hash
24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 56169
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=484508988.1670510933&gtm=2oebu0&aip=1

108.177.14.156

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=484508988.1670510933&gtm=2oebu0&aip=1
IP
108.177.14.156:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=484508988.1670510933&gtm=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://we-meet-today.com
date: Thu, 08 Dec 2022 14:48:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=795B94A6452149769218E662555199A5&RedC=c.clarity.ms&MXFR=1C0E81487B2A6E5513BA933C7F2A60E3

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=795B94A6452149769218E662555199A5&RedC=c.clarity.ms&MXFR=1C0E81487B2A6E5513BA933C7F2A60E3
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=795B94A6452149769218E662555199A5&RedC=c.clarity.ms&MXFR=1C0E81487B2A6E5513BA933C7F2A60E3 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=795B94A6452149769218E662555199A5&MUID=2E92BAFCC7AB6DB43609A888C6FC6C2F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2E92BAFCC7AB6DB43609A888C6FC6C2F; domain=c.bing.com; expires=Tue, 02-Jan-2024 14:48:55 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CD5989AF1A64061B0129A1E3B83B7DB Ref B: OSL30EDGE0420 Ref C: 2022-12-08T14:48:55Z
date: Thu, 08 Dec 2022 14:48:54 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 14:48:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.clarity.ms/c.gif?CtsSyncId=795B94A6452149769218E662555199A5&MUID=2E92BAFCC7AB6DB43609A888C6FC6C2F

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=795B94A6452149769218E662555199A5&MUID=2E92BAFCC7AB6DB43609A888C6FC6C2F
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=795B94A6452149769218E662555199A5&MUID=2E92BAFCC7AB6DB43609A888C6FC6C2F HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 08-Dec-2022 14:58:55 GMT; path=/; SameSite=None; Secure;
date: Thu, 08 Dec 2022 14:48:54 GMT
content-length: 42
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 954
Origin: https://we-meet-today.com
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://we-meet-today.com
access-control-allow-credentials: true
date: Thu, 08 Dec 2022 14:48:54 GMT
X-Firefox-Spdy: h2

wemeettoday.com/tt/01

172.67.170.116

302 Found

0 B

URL HTTP/2
wemeettoday.com/tt/01
IP
172.67.170.116:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /tt/01 HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 08 Dec 2022 14:48:52 GMT
content-type: text/html; charset=UTF-8
location: https://r.go2offer-1.com/click?offer_id=2476&pid=1698
set-cookie: hashid=b543b4e20050cf93d4695a0a2ac24aed; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
country=Norway; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
region=Oslo+County; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
country_code=no; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
latitude=59.955; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
longitude=10.859; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
tour=01; expires=Sun, 07-Dec-2025 14:48:52 GMT; Max-Age=94608000; path=/
hashid=42c1d35f8fb88f839ad2d5d9ccd815d8; expires=Fri, 08-Dec-2023 14:48:52 GMT; Max-Age=31536000; path=/
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGFbii120Xrhq70sSK1MCMs4L7iGTJUOFE7npiZjEzrQ%2Bq8ew1k7XH6SuYcnmCpqqkP7WZlhZk9a082pCQYWoTqJ937k8Hh6p4kJzONssCIwL9N6N6sJlDaYAzzETXn2Ed8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77664df189d40afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

we-meet-today.com/?sub1=6391f955be63b900013aff1e&sub2=&affiliate_id=1698&source=&mst=2&sub3=

188.114.97.1

302 Found

0 B

URL HTTP/2
we-meet-today.com/?sub1=6391f955be63b900013aff1e&sub2=&affiliate_id=1698&source=&mst=2&sub3=
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?sub1=6391f955be63b900013aff1e&sub2=&affiliate_id=1698&source=&mst=2&sub3= HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 08 Dec 2022 14:48:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: hashid=57a3340d79741dbda34cb797e6a3ba7f; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
country=Norway; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
region=Oslo+County; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
country_code=no; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
latitude=59.955; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
longitude=10.859; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
tour=1; expires=Sun, 07-Dec-2025 14:48:53 GMT; Max-Age=94608000; path=/
hashid=7a5f2898f644b0d1e4708ad224bca428; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=6391f955be63b900013aff1e; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=1698; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=2; expires=Fri, 08-Dec-2023 14:48:53 GMT; Max-Age=31536000; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1670510933; expires=Fri, 09-Dec-2022 14:48:53 GMT; Max-Age=86400; path=/
location: /tt
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgpsP%2FtDnaeL2Egj%2Bw9MW%2FfgG28GHqYoXzG%2BJlPH%2BlisqtAJDj96NM4dnGqaWqc7m9LsfIfR%2Fd%2FQ5DdgcrRHrQmJ21WmRyYK423HVWAG%2FJOCaXF11vq8K7onubRd6K9y8S8h%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77664df60f6d0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato&display=swap?82

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato&display=swap?82
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 14:48:53 GMT
date: Thu, 08 Dec 2022 14:48:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

wemeettoday.com/ascripts/gcu-2.8.3.js

104.21.95.141

200 OK

0 B

URL HTTP/2
wemeettoday.com/ascripts/gcu-2.8.3.js
IP
104.21.95.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ascripts/gcu-2.8.3.js HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:48:54 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 07:03:32 GMT
etag: W/"61fa2cc4-1737c"
expires: Fri, 09 Dec 2022 08:33:47 GMT
cache-control: max-age=86400, public
x-77-nzt: Abk73hEr5jX/61cAAA
x-77-nzt-ray: f4787b27a4f160ac56f9916378990402
x-cache: HIT
x-age: 22507
x-77-pop: amsterdamNL
x-77-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlrowzLWbbCmtmeZC0J%2Fo8wKqm59ynW1q881rFkg5y2KoWSIzF9cuzerQTL6oawHq63GLQsLXCMkjpKenlRIi8%2BjJuIssTE%2FVu57c6AKbe94SsydOTNbqHYSsX8SlyCe8gs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77664df8cf4bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.226.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 14:48:53 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2383
expires: Sun, 11 Dec 2022 14:48:53 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77664df7c97ab4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?82
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@600&display=swap?82 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 14:48:53 GMT
date: Thu, 08 Dec 2022 14:48:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/tag/bvsqia2v2y?ref=gtm

13.107.246.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=dee1e2b333bb4f45ac51961dd6a59809.20221208.20231208; expires=Fri, 08 Dec 2023 14:48:54 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0VvmRYwAAAAAkKUvhkcdbQJNmC+UimEx1U1ZHMjBFREdFMDYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 08 Dec 2022 14:48:53 GMT
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.43/clarity.js

13.107.246.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9082948124e4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0i72QYwAAAABgo2K15zwfQ7GqUXVCampYQU1TMDRFREdFMTkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0VvmRYwAAAAC3kZxjFNDiTaDrSeKOfTOBU1ZHMjBFREdFMDYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 08 Dec 2022 14:48:54 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations