Report - we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|

Report Overview

Submitted URL
we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
IP
172.67.154.135
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-24 19:57:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	473 B	563 B	64.233.162.155
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	890 B	588 B	20.75.32.255
icalendar.datingtopgirls.com	260095	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	2.1 kB	31.220.24.141
sap.prprocess.com	326576	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	514 B	131.153.42.226
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	694 B	142.250.74.3
d.pssy.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	550 B	131.153.42.224
wmt.datingtopgirls.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	63 kB	31.220.24.141
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	821 B	1.2 kB	20.234.93.27
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	1.5 kB	142.250.74.10
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	115 kB	104.18.226.52
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	3.8 kB	139.45.195.8
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	795 B	13.107.21.200
we-meet-today.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.7 kB	552 kB	104.21.80.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	13.224.132.9
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	75 kB	142.250.74.72
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	8.0 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.175.179
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	943 B	99.86.249.127
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	563 B	216.239.32.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	68 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.224.132.23
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	959 B	38 kB	142.250.74.163
wemeettoday.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	3.7 kB	104.21.95.141
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	8.4 kB	142.250.74.3
botd.fpapi.io	297160	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	446 B	514 B	54.92.225.101
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	738 B	1.1 kB	13.107.213.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	we-meet-today.com/fav/wmt/css/tt/02/app.css?80	Phishing
2022-09-24	medium	we-meet-today.com/js/main.js?80	Phishing
2022-09-24	medium	we-meet-today.com/js/script.js?80	Phishing
2022-09-24	medium	we-meet-today.com/fav/wmt/js/general.js?80	Phishing
2022-09-24	medium	we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js	Phishing
2022-09-24	medium	we-meet-today.com/js/notify.js?80	Phishing
2022-09-24	medium	icalendar.datingtopgirls.com/icalendar.js	Malware
2022-09-24	medium	we-meet-today.com/fav/wmt/img/tt/02/logo.svg	Phishing
2022-09-24	medium	we-meet-today.com/fav/wmt/video/tt/02/1.mp4	Phishing
2022-09-24	medium	wemeettoday.com/ascripts/gcu-2.8.3.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	pssy.xyz	Sinkholed

JavaScript (30)

	URL	Size	First Seen	Last Seen
	we-meet-today.com/js/notify.js?80	2.9 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/notify.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:25:21 Last Seen2023-03-17 12:47:52 Times Seen1 Hash a36984dbb2e2fc58ceed2df6de66fce3 43f4bbef2dd1fd000abf72336ccfb901d5b102d2 9a4a793d9d5fdb3d9c959cfb8aa98177439dcc67c1255520073fc2403692aa42 Loading...

	onesignal.com/api/v1/sync/9aa670f7-284e-4992-a65a-f76f7897c873/web?callback=__jp0	3.7 kB	2023-03-08	2023-03-08
Pretty URL onesignal.com/api/v1/sync/9aa670f7-284e-4992-a65a-f76f7897c873/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:38:04 Times Seen1 Hash 905a7fd756fe2a9871415f31a69d9aea 81840046c1af98afbacd52723e2a8dcc936d1d71 628e3d5954cb0a69c3f7a86439da6b0bdc3454dbbfe3586436d78f3123e18af6 Loading...

	www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM	109 kB	2023-03-08	2023-03-08
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 01:29:55 Times Seen1 Hash 92a1add09d07f3fe9dc54e97b05d04c3 f97224cdf9a535cd305181517fde297f2e210d19 0733089d7d039b02eb9654916a35261c9788657d07c6670443e0ae92bc9105ed Loading...

	we-meet-today.com/js/main.js?80	24 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/main.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:41 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 2cc8c012627c00ba257b84425b55e9e4 1fc7ad744f1eb3f195140dace57eecc62d2fd80f 4eed62e402335ca04f23bef09046e4c62acc16d67482e6089d114354b77dbbdf Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	352 B	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 38284d3542bae93edd9c02c50ab14d45 5ba94ebd6abb0532440d433b6df384007a38e60d 25dd4dfb5bfbf45b4dc7dab5cfa540a325ac31b5780766ff2919507786509260 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.226.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN	212 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash 5c3c1d63e0b309d11c821adade37d4bc 7e6a6fab64f16ea97ce522f12f1e09679ccbe5d1 dcca2b7ea4d1595379e0f430b91115ccae04b2d316a6af45ce975365772b13c1 Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	100 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen139 Hash 6657d5cb319244c6cf4c7378f47596e1 cb008f36db33ff73fa420f12425c18e65a3053ff 1bbc661e1e53aa8c4b872fba1e02a35e276b0a21bfe29d3c93a57257d6546aa6 Loading...

	we-meet-today.com/fav/wmt/js/general.js?80	2.6 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/fav/wmt/js/general.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:08 Times Seen1 Hash ac2980b954f5c825ae247ec465cdf7b3 b2ed269ed49acec959ae8119556c15c60e51d389 59a52073e4b2e90786ca246b5d6d72b957beccf8ebe8c50ecee74a6005b3cbce Loading...

	www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c	214 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash a503e19e59997b5a24a4adb939b1ce5e e7e5d805159cd13e54c33cd75dee1ed3b0a21aa9 c7d522df5ed6141caf3dd392c4d3ae302063e3029576d2a8560b02ddb9170925 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6	697 B	2023-03-07	2023-03-17
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash e72d2fbeb919684f0a71052821b2fd59 4c0a3f37d9b9498017675cdd8ce7bda445a1a7e6 903783351b6462d0d9cf234644c4246ec124868a614610d1179ba82f9674d693 Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	463 B	2023-03-08	2023-03-08
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash 1875aa99cb66fcb39afdfc8582051730 d071e903324e22e234ea0f8d63f1f1a38aa00cd6 f47237a24b233504bf68a08bf5f0080dcd0f449bf8be7ce7cf67c3f23b0a62e3 Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	244 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen123 Hash c2d7fd0076f5e94198e0b8df53b52f2f 6677090bec52a47a8a71b12f38df2a13acf30ed3 db5589938f906525089cad0aaf2d24848b46d1c3afa382c72a0e0cb15517bb4c Loading...

	icalendar.datingtopgirls.com/icalendar.js	5.9 kB	2023-03-07	2023-03-17
Pretty URL icalendar.datingtopgirls.com/icalendar.js IP 31.220.24.141 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 1542e1c96753770e587968d803376c9a c49a24c38a498620e420951e65ddf65f46dda447 2887db4531172d1c88a4d6b55bda50c5f0dacb95918e2666129cda5d8ec98a8b Loading...

	we-meet-today.com/js/script.js?80	12 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/script.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 18e3029678fdb51658bdca1782a4b136 10165baf9a97ae5f2b4d1f9d50f56c90b05bb9a2 44624f0605cd4a8aa254792293185bace14ba40f412e8c760e415b8561f6e4f0 Loading...

	we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-09
Pretty URL we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-05-09 19:23:29 Times Seen12289 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	257 B	2023-03-08	2023-03-08
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash f9b6873ec68cc0d399c6789f92988734 cd64f4804c66c52bc680309f3952b08bec6db333 286e884b1d133c888c77e3d086e15a7ac23f178b977046a71fea0a890099056d Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	381 B	2023-03-07	2024-04-25
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-25 08:02:51 Times Seen483 Hash 2d63d2fc063a3b79517968ef422bfae2 3f5020fc07330429b607f808fc5373f5bede54a0 5c0085f5aec987d46f3ebd4a6ed616c806878b0a82cf6f8c926cb41925d637d1 Loading...

	sap.prprocess.com/goal.js.php	424 B	2023-03-07	2023-07-08
Pretty URL sap.prprocess.com/goal.js.php IP 131.153.42.226 ASN #20454 SSASN2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-07-08 01:49:34 Times Seen11 Hash a560cbf5e819c9c2102c3ef72b211052 ec60a4f96f8bee5d1791a3042df9f50a147b40bf 3373fd2c593fa26443172f9a9f13e98aed86e755d8834d085235405d1657f21a Loading...

	we-meet-today.com/fav/wmt/js/tt/02/app.js?80	8.9 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/fav/wmt/js/tt/02/app.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:36 Last Seen2023-03-17 12:42:01 Times Seen1 Hash 423e62bf14ccaf61c45b1562504eb974 932c802c0447bbab275acfcec6014f58d879a465 544c03e1a21dc851c14cc9042be83568c175529acb0de0b3e8e87a7f8bc8585e Loading...

	we-meet-today.com/fav/wmt/js/sektor.js?80	4.5 kB	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/fav/wmt/js/sektor.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:25 Last Seen2024-02-02 00:56:36 Times Seen150 Hash ae2f31e58981cfe5f8aa90fc0a97e3a1 f90868a52df7cd9430c1b89a299dcdc0f230177f dccc44a5b344ec5e0f52d24a383bca3b15c632d3d168bfe4347432526fef2276 Loading...

	www.clarity.ms/tag/bvsqia2v2y?ref=gtm	1.6 kB	2023-03-07	2023-03-08
Pretty URL www.clarity.ms/tag/bvsqia2v2y?ref=gtm IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:48 Last Seen2023-03-08 01:56:50 Times Seen1 Hash 051b93c1a2a4725f9074889d1de8e35f ec2b3767848c9e875ff6e649d5fca3c486474c6b f151f547422ee2b0ccec30e9761c4aae7153a8222c6f2411546c526118d60c1c Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	181 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen124 Hash ff011f0cb72b358b522a578437cac65f 2538907faf1f40db704a2c4738dc1b41bef3bac1 0607af71e7799808b08043230410f0385ccb521197e0f1c0bb816966c71da696 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX	156 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash 21d452aff57de2d280438cab5041fdb9 a2c0a4e1a56426eacf864228a1ae428ea9d98a3f a3805432a6155ee106aa0122b14d71377e85444998c53753d517780a02616a7b Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D225q18j3qg8qf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D61461%2526c1%253Darb%257C287%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1664049455201&t_i=1664049455509&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=225q18j3qg8qf&fpid_sa=1664049455509&fpid=&feid_sa=1&sid_sa=1&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%2261461%22%2C%22page_id%22%3A%22a9638800a78ef06f1f6494543d0f5803%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.326&cb=gl.cb.pv	65 B	2023-03-08	2023-03-08
Pretty URL wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D225q18j3qg8qf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D61461%2526c1%253Darb%257C287%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1664049455201&t_i=1664049455509&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=225q18j3qg8qf&fpid_sa=1664049455509&fpid=&feid_sa=1&sid_sa=1&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%2261461%22%2C%22page_id%22%3A%22a9638800a78ef06f1f6494543d0f5803%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.326&cb=gl.cb.pv IP 104.21.95.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash 2a4107b7a2e940452b7ebd6e441c9a2b d0e8688b059f072df1a1912e1f3d93ca366f4e93 30c5311f1229149ef0486cae724c8d4e79bb687efc3554b20824e75f3eac6601 Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	987 B	2023-03-08	2023-03-08
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:37:25 Last Seen2023-03-08 00:37:25 Times Seen1 Hash 8c60eb5ad9d7351a855c4e9885b4e127 1469b3a78dfb157bc1fd06129ace05567e7967ee 7fe7905d6e5a2c52ecc3759c43ea9b6e1ee365b37945ccfe1be3ad3dceed7cb9 Loading...

	we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\|	33 B	2023-03-07	2023-10-16
Pretty URL we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb\|287\| IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:52 Last Seen2023-10-16 08:02:38 Times Seen117 Hash 8dbba962f13697f99ed698b6c7b8bff1 2780151745bf59ad74e28bac3be556a13d160596 798f3fd7c6503da88144be4e39f30d1c056b0cdff5deab0b2a752642f20f35f3 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5	697 B	2023-03-07	2023-03-17
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 7810e171104615cbf47646d929eb2f07 6186265ba25a5d3c24e3045237c4dd2b405914b6 a6a952ca48c1eb05cf81aaa8d867561ad7d150a12b5588e85649c021ddaead31 Loading...

	www.clarity.ms/eus2/s/0.6.41/clarity.js	55 kB	2023-03-07	2023-03-08
Pretty URL www.clarity.ms/eus2/s/0.6.41/clarity.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:43 Last Seen2023-03-08 03:54:21 Times Seen1 Hash 5dce5bd2cc44cefd6b7d3bd6e985b649 b7449b6ab57a1c9e8759aa620492e6d4a1ef1638 61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517 Loading...

HTTP Transactions (81)

URL IP Response Size

we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|

104.21.80.226

200 OK

6.3 kB

URL HTTP/1.1
we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2912)
Size
6.3 kB (6321 bytes)
Hash
f21431fd133adce4af4a8e2c07f5ee97
4a0ab4c51e944902b43d28ec49aab73d16d13495
ac711d93e71c63399e3d42606ab626a244fb122037c62d2fb768e3b135cfec78

HTTP Headers

GET /tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287| HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hashid=91e0327fe6f69fce8fe28dc2b0f3aabd; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
country=Norway; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
region=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
country_code=no; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
latitude=59.9127; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
longitude=10.7461; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
tour=02; expires=Tue, 23-Sep-2025 19:57:36 GMT; Max-Age=94608000; path=/
hashid=c0dfa27f39ec8059db26959494648467; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=225q18j3qg8qf; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=61; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=61461; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=13989; expires=Sun, 24-Sep-2023 19:57:36 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1664049456; expires=Sun, 25-Sep-2022 19:57:36 GMT; Max-Age=86400; path=/
push_v2=51; expires=Sat, 01-Oct-2022 19:57:36 GMT; Max-Age=604800; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aw0L2K%2FuJC4HwiNcSlme48uRELX8f8Gp01F3f9KJuZpPmVoqsyhKH8ahnDaCTuYqwEhVTm57seGDy%2F2IkWrx5%2FANWwvxlWdzPwEeiBBHySoyHOtLfkdVK5zDMvBuC2rX7p1jA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170d2c69b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

13.224.132.23

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.224.132.23:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 19:05:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 253e41640534a8ebde4c0b8e13b25d54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: OZlup5Y1QSC5tOvVqIz2cclGcYXMUlPnW8Pafll1gFB8H5Uvx2GRQg==
Age: 3112

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7642
Expires: Sat, 24 Sep 2022 22:04:58 GMT
Date: Sat, 24 Sep 2022 19:57:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

13.224.132.9

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
13.224.132.9:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 3d81a5fb6988905cee1d06dfcada57dc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: 4SP7ANz1CnP9CtJYcKGdbgQSZQYtkPrTkTO7CK2ZavE6ZpxJ9M7sFQ==
age: 56673
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:57:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/css/tt/02/app.css?80

104.21.80.226

200 OK

5.0 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/css/tt/02/app.css?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.0 kB (4985 bytes)
Hash
bc68ff480e3b144050e5f2b9ecb9f520
26ccb78db6a48fbcc702a12b51c6edd8fe3327cf
cc91dc70171a9dd42c3f38dbeb1e5a512a23ac6be67270234c8b1ce2ad957920

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/css/tt/02/app.css?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 15:11:08 GMT
ETag: W/"60b79f8c-52c2"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kWC%2Bq%2BEanb%2BXTUeOhLv86kxSB89pJzkLUkqiMKESBMjT2CqKrbuBiXtF8s4dJco0orafF7Fjutqc7UJVg8jHyo4%2BHWgu5FAdSXkszY%2BRmOqyFM8x8srw%2F8Cdix57ZBc8ckfAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f2f06b524-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
eafea1280d48f66517ec90ac5063225a
875bb96e8cb720b9501abd145b51f6ce13e78798
dcfe46e876a7842c5ed05cc3d0e1c501b691711c8f1f3a7736692385fb755296

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Last-Modified: Sat, 24 Sep 2022 18:42:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

we-meet-today.com/fav/wmt/css/additional.css?80

104.21.80.226

200 OK

2.3 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/css/additional.css?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.3 kB (2343 bytes)
Hash
b1acf4ef68827b14106ab74591ab4b8f
9714a07c36a44a5639f042841a89ca031aa02da4
c45cad606d40451a732068b4b9ffda664bb011ba1b4483852ca86b11f3627ce3

HTTP Headers

GET /fav/wmt/css/additional.css?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Aug 2021 11:07:47 GMT
ETag: W/"611b9883-1bc8"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H42A1b5csEX5L4utWqbRP6usAbmaN8rdwljv7jj0x1avXWgRS2uKxRl4t3iqeeFAb6WXoa%2BBf9QWitW261IpC0aIju%2BavKV5u%2BGdi4637vfWPa4%2FeJliHryYAV6pKCN1RmN3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f284ab505-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/js/sektor.js?80

104.21.80.226

200 OK

1.6 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/sektor.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.6 kB (1616 bytes)
Hash
f74913a553af03fcb5d16688f40f09ff
163796aaccdd159d276ab20e53729a8f73462ec6
8f709ff8c497a8b1805f81b9fa0cc4f8c92d8cb451ee886d62bb51fe1af0daff

HTTP Headers

GET /fav/wmt/js/sektor.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-116b"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqYHfnmisfNT5O3DR7f7TtIjpdqZnzpTt%2BflNXxP1z57zZc5ofIE%2BY%2F3BjypHbQCGfDqhLGE0Xgk9kvihi88e4uKUV%2FKogSOwgotBwxaTYOnNQ5ZZzqMkTFA4hc4KHLE8Opbtw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f6f58b524-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/js/main.js?80

104.21.80.226

200 OK

5.3 kB

URL HTTP/1.1
we-meet-today.com/js/main.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.3 kB (5310 bytes)
Hash
25a789a4e3b8690534449ad6c71d895a
3b6785430ece316753c62f6f2facaadd7408e337
6800a5801037fc30a1854e07b2cc109e5410347609bf456421b9b7a5a4ec8668

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/main.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:41:39 GMT
ETag: W/"631f4523-5ce5"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0R5kpruud3RT5pVSPo4k3WeVcbBfCS3SFkHbe%2BC7swkOFNZC24W%2FLLP%2F5gmeK2S6OesxUaaIvjIXPrnq6Ob1slEdtqWP71pZJmrbuD0umPrlOWDTaPT6m40WFLS44S7kNXSH%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f3f380b06-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/js/script.js?80

104.21.80.226

200 OK

4.0 kB

URL HTTP/1.1
we-meet-today.com/js/script.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.0 kB (4018 bytes)
Hash
04adeb405dede58025cf9356150fb279
c3793270be2dfe5e11be8a4d6e61a487380cf627
405041e51d67459230b8919dd7192a16a1aa29fd08407257cf4919e013072d23

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/script.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Apr 2022 13:31:39 GMT
ETag: W/"624ee7bb-30a3"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTleq7rNi1Dytn%2FIj1q6e1C8NFUPgXFOslYMFTSryD%2FvB5rnk8cGB%2BKNpM2cr3L42zVE8ow7nu77h0F9LOP%2FdetN5HjXXExnqlYjAcM3GYhsoymkrXsh9uqyX0C0Ivtkmg5y1g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f4f1cb511-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/js/general.js?80

104.21.80.226

200 OK

1.1 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/general.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1085 bytes)
Hash
53a993fa7b998158d09cfa71c176e1b3
a454d10374164db2b33eba2c0c2c3d0e63089345
207be534410d95c70aef0128cc7522b8a49426a14130208c4ad6c4d52f95f9df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/js/general.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 12:52:03 GMT
ETag: W/"62c2e273-a07"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gdy1CeJoN79oyS%2Fxv5H38HqPYuxns%2BhQSUjsPjmqIL1%2F7bg%2BXzv9H6FDZDM6adaIcxn72m6ILfmHQynl0PLLzjlN5T73VhCl7A4HLJEjT%2BmCADEWmhun0TriRG%2F9J3OX5TDzSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f4fffb529-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js

104.21.80.226

200 OK

35 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35293 bytes)
Hash
6bf2d76cb230a7aa9826611fda6744d8
fdfb5f5a10b395c57feb07e07f15bc23ad5f617c
70c7f7e865d8a5e685595c8994211a46bffa65949f756f49f27cc3c22d1d192b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/js/jquery-3.3.1.min.js HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-15339"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMNeAPU36KZCZ2%2F0ha3rrJ%2FEZw4DLHnNysTM%2FgRaJMNjC%2BqOgBEUY5J3CCz5afQjiM9%2F5m9G9UDtFFUQQEmY74CyE1cE%2Fb5QxKRRL9j%2BQ71LQx%2F6Ov4WWUJI6MTGfsiR2Ta4JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f38131c16-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/js/notify.js?80

104.21.80.226

200 OK

1.1 kB

URL HTTP/1.1
we-meet-today.com/js/notify.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1096 bytes)
Hash
3b2d92e9efee2e0f9c3ccb0a2ae6bfcb
75d1b601260e855515dde0311fae850c5e06ea4a
0f3e5cf310cd33af2898491caa7351f8825b08e143ba8f26c7d007063c4aed8f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/notify.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:41:39 GMT
ETag: W/"631f4523-b54"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92d4iDYshK1%2Big%2Fr38ci%2FSFOu3UykX4XLlLW4rMeuYGRFGfy3NCGSi0rre74rZDKEpGRlGpJYw2hfq5Z8dHFik0hTLZb2ack4MlBOvOPivUZrXhNvsDxn4zW2qflbAPVE0VWhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f9f84b524-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/js/tt/02/app.js?80

104.21.80.226

200 OK

3.1 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/tt/02/app.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.1 kB (3056 bytes)
Hash
c09ba7cd41334a38eab9f9b8e6943f78
6b45dac3f77cdb08982a3223ec0f02994b0d17b7
e34311c4e1e2d6930c4f59cfcad83d2983aff6b023303a5722f83adb544a1739

HTTP Headers

GET /fav/wmt/js/tt/02/app.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Jun 2021 13:25:37 GMT
ETag: W/"60d5d951-22af"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xX7PsjjQ5T7ZbHdH%2Bk3rayYAgDI%2FwFJy7JoMYtE4Hl6QIMCyjWOY%2Fts7itU3i%2Fn4yMWpt9epC9UngEPXf7VDbxEOwP8iGd%2BLFb71vwFx8CJiUbujoI9acQ1hHtqRYvjynjF3gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe170f98e5b505-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7bf7ca76e99c5b795c84fd498700027d
cc108b312c74f44c23ea058b8175387ff72d3fa4
26717ca82627bf338b1f243e42f5af62dd1b19667aba60f55881f089579330f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26717CA82627BF338B1F243E42F5AF62DD1B19667ABA60F55881F089579330F4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2797
Expires: Sat, 24 Sep 2022 20:44:13 GMT
Date: Sat, 24 Sep 2022 19:57:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7bf7ca76e99c5b795c84fd498700027d
cc108b312c74f44c23ea058b8175387ff72d3fa4
26717ca82627bf338b1f243e42f5af62dd1b19667aba60f55881f089579330f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26717CA82627BF338B1F243E42F5AF62DD1B19667ABA60F55881F089579330F4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2797
Expires: Sat, 24 Sep 2022 20:44:13 GMT
Date: Sat, 24 Sep 2022 19:57:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
eafea1280d48f66517ec90ac5063225a
875bb96e8cb720b9501abd145b51f6ce13e78798
dcfe46e876a7842c5ed05cc3d0e1c501b691711c8f1f3a7736692385fb755296

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Last-Modified: Sat, 24 Sep 2022 18:42:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

1.8 kB

URL HTTP/1.1
icalendar.datingtopgirls.com/icalendar.js
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text
Size
1.8 kB (1796 bytes)
Hash
d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Apr 2022 08:51:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6259322b-173d"
Content-Encoding: gzip

we-meet-today.com/fav/wmt/img/tt/02/logo.svg

104.21.80.226

200 OK

3.9 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/img/tt/02/logo.svg
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (890)
Size
3.9 kB (3915 bytes)
Hash
85b82f3d2ef7036367b4f12920b3fb8f
3096d9f7093f4eef81a8a1287b454f08f93c8c76
e8202961f223c452b73b4a2d3946bbc492abff4a814cd0bf638a1d3151a9a5b8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/img/tt/02/logo.svg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-2006"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm2K%2F6maT5i%2ByUCtbb4oWSRF%2BTfyJ9QSb7FLKaAMuZrY7zwbPuTOrYZHDAfwDV7pwuDSlDp78hiwAdqptvljbM7ASdk71s9ugq%2FeGdIqGmPVnyylOdTUT83PiAzkEGLOdt2wCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe171029411c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN

142.250.74.72

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (17807)
Size
75 kB (74617 bytes)
Hash
705e643e7e0fa92a1f7688f4f83e2f8a
df3a8e67e2d5aabc2e906d65105a7c58c7cabd53
fff19139f686aee29c83c10de975e5f0850c53c06662b2002121b272dc291b7d

HTTP Headers

GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 19:57:36 GMT
expires: Sat, 24 Sep 2022 19:57:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74617
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg

104.21.80.226

200 OK

3.4 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/img/tt/02/user-1.jpg
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Size
3.4 kB (3430 bytes)
Hash
e25421fcd356f9ad3925d5acb670d448
73d3da0ca8a41a87ab5940b62b46205250973c47
925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73

HTTP Headers

GET /fav/wmt/img/tt/02/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: image/jpeg
Content-Length: 3430
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: "5fec4299-d66"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE60iaz4Ti%2F8BD2CwjFqOVJViNbDX%2BD2NuwRmLx0DqhBMutwJIL2Uutlf7XIuQlEcN7tAG0N9ifHsIHtVbb7nnEvdWMUVFsYTmSezljYnMyDK9LcqmkX6PMi4PuB3k%2BEWEFesw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe17102fff0b06-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wmt.datingtopgirls.com/util/1-small.jpg

31.220.24.141

200 OK

63 kB

URL HTTP/1.1
wmt.datingtopgirls.com/util/1-small.jpg
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data
Size
63 kB (62808 bytes)
Hash
30737574deb1bfc2fbe5ccb5ced7b656
12f02e651c9d3ac340c23aede3b2d9409194d6f5
711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29

HTTP Headers

GET /util/1-small.jpg HTTP/1.1
Host: wmt.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: image/jpeg
Content-Length: 62808
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-f558"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 355635
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Size
13 kB (12700 bytes)
Hash
e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 01:43:56 GMT
expires: Sun, 24 Sep 2023 01:43:56 GMT
cache-control: public, max-age=31536000
age: 65620
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6343ca2969b02256cf4209988b69228b
e9c76051c2d95b2fd1acddf14f3b06bdc190acdf
eb9218645e907c51c2176178b106fefb84677688849e9033c1ab8bea23313350

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB9218645E907C51C2176178B106FEFB84677688849E9033C1AB8BEA23313350"
Last-Modified: Sat, 24 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2720
Expires: Sat, 24 Sep 2022 20:42:56 GMT
Date: Sat, 24 Sep 2022 19:57:36 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/fav/wmt/video/tt/02/1.mp4

104.21.80.226

206 Partial Content

466 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/video/tt/02/1.mp4
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
466 kB (465914 bytes)
Hash
c3acc6bf0da85a13c9f74aa1c127ae9b
72584b1fe86a0f7b3e00ca397eafcb445b149d78
f3b9ab5a33561c74d6f4a0dda9fc194fd97ef5d8b82805a397a432fe88d54005

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/video/tt/02/1.mp4 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51

HTTP/1.1 206 Partial Content
Date: Sat, 24 Sep 2022 19:57:36 GMT
Content-Type: video/mp4
Content-Length: 465914
Connection: keep-alive
Last-Modified: Mon, 04 Apr 2022 13:40:02 GMT
ETag: "624af532-71bfa"
Expires: Sun, 24 Sep 2023 19:57:36 GMT
Cache-Control: max-age=31536000
Content-Range: bytes 0-465913/465914
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiyLfiknYUVtrzHs0EVBgMqvK0Cub9G0BqkR%2BsslAdlhMNSbTEiw2JbZEwjSvbTc%2F5IlXBNiqwPbbQkviBRTp4ot4IdYriuA4%2B%2B%2F8U8Dhsdneiy8d2yKGe05bIrBNPuv8xHtVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe17110a291c16-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.224.132.23

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.224.132.23:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 19:20:46 GMT
Expires: Sat, 24 Sep 2022 19:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ce730d33091c8015848f9f46f438eab2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: lLEJn0b0STLjG5FOWw7yQ8dDHqtS9UDV0xaSWzd4tnD_wEg3QlU0KA==
Age: 2211

wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D225q18j3qg8qf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D61461%2526c1%253Darb%257C287%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1664049455201&t_i=1664049455509&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=225q18j3qg8qf&fpid_sa=1664049455509&fpid=&feid_sa=1&sid_sa=1&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%2261461%22%2C%22page_id%22%3A%22a9638800a78ef06f1f6494543d0f5803%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.326&cb=gl.cb.pv

104.21.95.141

301 Moved Permanently

162 B

URL HTTP/1.1
wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D225q18j3qg8qf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D61461%2526c1%253Darb%257C287%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1664049455201&t_i=1664049455509&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=225q18j3qg8qf&fpid_sa=1664049455509&fpid=&feid_sa=1&sid_sa=1&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%2261461%22%2C%22page_id%22%3A%22a9638800a78ef06f1f6494543d0f5803%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.326&cb=gl.cb.pv
IP
104.21.95.141:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D225q18j3qg8qf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D61461%2526c1%253Darb%257C287%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1664049455201&t_i=1664049455509&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=225q18j3qg8qf&fpid_sa=1664049455509&fpid=&feid_sa=1&sid_sa=1&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%2261461%22%2C%22page_id%22%3A%22a9638800a78ef06f1f6494543d0f5803%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.326&cb=gl.cb.pv HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 19:57:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt%252F02%253Faffiliate_id%253D13989%2526sub1%253D225q18j3qg8qf%2526sub2%253D%2526sub8%253D%2526sub7%253D61%2526source%253D61461%2526c1%253Darb%257C287%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1664049455201&t_i=1664049455509&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&nav_rc=0&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=225q18j3qg8qf&fpid_sa=1664049455509&fpid=&feid_sa=1&sid_sa=1&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2213989%22%2C%22source%22%3A%2261461%22%2C%22page_id%22%3A%22a9638800a78ef06f1f6494543d0f5803%22%2C%22tour%22%3A%22t%2F02%22%7D&t_op=0.326&cb=gl.cb.pv
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q2S0SiCjEgwaMY9hMwSXxvBEuDCGS07M6kST%2BrHji3x8bsFUMSLai6crD%2FDXBd4jU6OCoI%2BtpTPFwD6VUB%2FJSz3vEhLBu%2Fe%2FUbp9gATQpKhxrPv%2F5rNMMso1imbYfSm00s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe1712bdbc0b55-OSL
alt-svc: h2=":443"; ma=60

sap.prprocess.com/goal.js.php

131.153.42.226

200 OK

262 B

URL HTTP/1.1
sap.prprocess.com/goal.js.php
IP
131.153.42.226:0
ASN
#20454 SSASN2

File type
ASCII text
Size
262 B (262 bytes)
Hash
2981ab0dc3b24790981241be18df8ff6
4fb1f2538e534d9a99cb72ca7dc927fb239ed377
6292f81b848047627ab93d7b235cd9a2358e936ba8f2b2cd36553d253d120a60

HTTP Headers

GET /goal.js.php HTTP/1.1
Host: sap.prprocess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 19:57:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
mime-type: application/javascript
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

115 kB

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.226.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9097)
Size
115 kB (114675 bytes)
Hash
9ba4c42020b70b06313ce07a71448b2d
866ce77cc5092e8d1503e0707ab818fc1c9d8ae7
fdec82c718732bf28a80897f700c7bd32170a503cea46ef68070aca6587df7fe

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:57:36 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2170
expires: Tue, 27 Sep 2022 19:57:36 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74fe170fba0f1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3681
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:37 GMT
Last-Modified: Sat, 24 Sep 2022 18:56:16 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=425863,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fe17134cc30b45-OSL

my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
7810e171104615cbf47646d929eb2f07
6186265ba25a5d3c24e3045237c4dd2b405914b6
a6a952ca48c1eb05cf81aaa8d867561ad7d150a12b5588e85649c021ddaead31

HTTP Headers

GET /p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:57:37 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=425863,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fe17136dc4b529-OSL

my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
e72d2fbeb919684f0a71052821b2fd59
4c0a3f37d9b9498017675cdd8ce7bda445a1a7e6
903783351b6462d0d9cf234644c4246ec124868a614610d1179ba82f9674d693

HTTP Headers

GET /p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:57:37 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.175.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.175.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TS74oUZJ/6T7m8/PEV7QiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +l+gSb0RX4Ne/yx8/5b1Hf4CC4k=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d622b2d18bd3406598ffb4c137564485
729f2e4c87f6fcc34a0b74e07b301d9340cab679
78a89ba44ebee0a2c044b0e0b9447c8114bd1f15985c22d4fce22009af9a61e3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78A89BA44EBEE0A2C044B0E0B9447C8114BD1F15985C22D4FCE22009AF9A61E3"
Last-Modified: Thu, 22 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8941
Expires: Sat, 24 Sep 2022 22:26:38 GMT
Date: Sat, 24 Sep 2022 19:57:37 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

99.86.249.127

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
99.86.249.127:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c38e74191ce3f99c4f62f4f7a3e7f7d4
d652a2536866ab92094eeefe9ad1a1a1ee2861a5
cb5ca7f56a34887d5ad989b9aa45118ac01f4bcb93b06b1c24348ece7aeae00a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 19:57:37 GMT
Last-Modified: Sat, 24 Sep 2022 19:05:59 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 4ddd403b8cdc86f432a9bb587ffd918e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: zGHaxNwZpwjSDR5YRALLrwoRk-tu4oMa4eQFWPfWPB0BKCgSAVrUYw==
Age: 3099

we-meet-today.com/favicon.ico

104.21.80.226

200 OK

614 B

URL HTTP/1.1
we-meet-today.com/favicon.ico
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
614 B (614 bytes)
Hash
2f9af1c788d1f8b7545b9ec8fe34585e
da6afc482a5a5993016d44d30fcdb5bf751cd404
90fce4536ab5146e4d7e65ea8b5f8d18bd15fdc8b99061d1ab3ac1483a7957fb

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt/02?affiliate_id=13989&sub1=225q18j3qg8qf&sub2=&sub8=&sub7=61&source=61461&c1=arb|287|
Cookie: hashid=c0dfa27f39ec8059db26959494648467; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=02; sub1=225q18j3qg8qf; sub7=61; source=61461; affiliate_id=13989; st=1664049456; push_v2=51; fpid=; fpid_sa=1664049455509; feid=463c59e8b328cd6f3f5e499147bade0c; sid=3227b75fb314de8363f5e82ffacf758f; feid_sa=1; sid_sa=1; utm=%7B%22ads_type%22%3A%22%22%7D; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1664049455.1.0.1664049455.0.0.0; _ga=GA1.1.427338458.1664049456; _ga_Q7W6GLM2DR=GS1.1.1664049455.1.0.1664049455.60.0.0; xfeid=6aeed8aa91ee040286ce19712beb545d

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:57:37 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:27:36 GMT
ETag: W/"5fec4808-47e"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br%2B1Xn9HMFoWx8K5tKFEwbm%2F%2BlLFKaV6wcnySou3ioGKA5LOA9EbTYANDW8CLhCzLoVjhKRv7BOWYdYyl46gu6xrDGA%2FNLOvQGHA%2FcMvcaMTIBM0hXpQdcTovwyX6RNJ4m35qg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe17164feb1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe9l0&_p=791747678&cid=427338458.1664049456&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664049455&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe9l0&_p=791747678&cid=427338458.1664049456&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664049455&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe9l0&_p=791747678&cid=427338458.1664049456&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664049455&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Sat, 24 Sep 2022 19:57:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=427338458.1664049456&gtm=2oe9l0&aip=1&z=1688041268

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=427338458.1664049456&gtm=2oe9l0&aip=1&z=1688041268
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=427338458.1664049456&gtm=2oe9l0&aip=1&z=1688041268 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 19:57:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/img.gif?f=sync&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:57:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=68f63f7f381244e4a32677d964e2470f; expires=Sun, 24 Sep 2023 19:57:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

d.pssy.xyz/t.php?id=DauLyHxAwjxJzRREiSWdntAJ5cjtny

131.153.42.224

200 OK

20 B

URL HTTP/1.1
d.pssy.xyz/t.php?id=DauLyHxAwjxJzRREiSWdntAJ5cjtny
IP
131.153.42.224:0
ASN
#20454 SSASN2

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /t.php?id=DauLyHxAwjxJzRREiSWdntAJ5cjtny HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 19:57:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=db71ca77-5631-4f6d-9594-11609366d891; expires=Sun, 24-Sep-2023 19:57:37 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
prg=1664049457%2CDauLyHxAwjxJzRREiSWdntAJ5cjtny; expires=Sun, 24-Sep-2023 19:57:37 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip

botd.fpapi.io/api/v1/detect?version=0.1.23

54.92.225.101

401 Unauthorized

69 B

URL HTTP/2
botd.fpapi.io/api/v1/detect?version=0.1.23
IP
54.92.225.101:0
ASN
#14618 AMAZON-AES

File type
data
Size
69 B (69 bytes)
Hash
32ba2944a9fb9f71e7edc24a56593f3d
52b5da6230916b04a19d6f712ef247513831038c
e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9

HTTP Headers

POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Content-Type: text/plain
Origin: http://we-meet-today.com
Content-Length: 21453
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 401 Unauthorized
date: Sat, 24 Sep 2022 19:57:37 GMT
content-type: application/octet-stream
content-length: 69
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://we-meet-today.com
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=427338458.1664049456&gtm=2oe9l0&aip=1

64.233.162.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=427338458.1664049456&gtm=2oe9l0&aip=1
IP
64.233.162.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=427338458.1664049456&gtm=2oe9l0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Sat, 24 Sep 2022 19:57:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:57:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/img.gif?f=sync&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt%2F02%3Faffiliate_id%3D13989%26sub1%3D225q18j3qg8qf%26sub2%3D%26sub8%3D%26sub7%3D61%26source%3D61461%26c1%3Darb%7C287%7C HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Cookie: ID=68f63f7f381244e4a32677d964e2470f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:57:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=68f63f7f381244e4a32677d964e2470f; expires=Sun, 24 Sep 2023 19:57:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&u_adb=0&t_op=1.318&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1664049455509&fpid=&feid_sa=2&sid_sa=2&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&vn=S-2.8.3&s_rst=0&xfeid=6aeed8aa91ee040286ce19712beb545d&st_d=%7B%7D

104.21.95.141

301 Moved Permanently

162 B

URL HTTP/1.1
wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&u_adb=0&t_op=1.318&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1664049455509&fpid=&feid_sa=2&sid_sa=2&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&vn=S-2.8.3&s_rst=0&xfeid=6aeed8aa91ee040286ce19712beb545d&st_d=%7B%7D
IP
104.21.95.141:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

POST /t/event/v4?e_t=btd_err&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&u_adb=0&t_op=1.318&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1664049455509&fpid=&feid_sa=2&sid_sa=2&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&vn=S-2.8.3&s_rst=0&xfeid=6aeed8aa91ee040286ce19712beb545d&st_d=%7B%7D HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 19:57:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=45af7230-950d-4d7f-95b1-e1e8ef67cf8b&u_adb=0&t_op=1.318&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1664049455509&fpid=&feid_sa=2&sid_sa=2&feid=463c59e8b328cd6f3f5e499147bade0c&sid=3227b75fb314de8363f5e82ffacf758f&vn=S-2.8.3&s_rst=0&xfeid=6aeed8aa91ee040286ce19712beb545d&st_d=%7B%7D
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxgFBmaBcRFcEpn1SdTulZfge5moyBNTm0GdVaCy74TFozv6ZGerjhBk78ylOjZS9zydHm8q8D%2FX1IwBM8El9vcXi6B%2Bz%2By9y7LAblDex1FzGOhX3XZ4R9Oh78VzxRhgNvg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fe17190b0d0b55-OSL
alt-svc: h2=":443"; ma=60

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&RedC=c.clarity.ms&MXFR=2381665E1E396A18063374771A39647D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2381665E1E396A18063374771A39647D; domain=.clarity.ms; expires=Thu, 19-Oct-2023 19:57:38 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 24 Sep 2022 19:57:37 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&RedC=c.clarity.ms&MXFR=2381665E1E396A18063374771A39647D

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&RedC=c.clarity.ms&MXFR=2381665E1E396A18063374771A39647D
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&RedC=c.clarity.ms&MXFR=2381665E1E396A18063374771A39647D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&MUID=1C83FDABFEEE6CFD2BA7EF82FF1B6DD4
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1C83FDABFEEE6CFD2BA7EF82FF1B6DD4; domain=c.bing.com; expires=Thu, 19-Oct-2023 19:57:38 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74AFE9F27C7847ABBD44C58760435CE3 Ref B: OSL30EDGE0213 Ref C: 2022-09-24T19:57:38Z
date: Sat, 24 Sep 2022 19:57:38 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&MUID=1C83FDABFEEE6CFD2BA7EF82FF1B6DD4

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&MUID=1C83FDABFEEE6CFD2BA7EF82FF1B6DD4
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=1C86788BD9DF413C8C44CD565BA27C2A&MUID=1C83FDABFEEE6CFD2BA7EF82FF1B6DD4 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 24-Sep-2022 20:07:38 GMT; path=/; SameSite=None; Secure;
date: Sat, 24 Sep 2022 19:57:37 GMT
content-length: 42
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2318
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:57:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2318
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:57:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2318
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:57:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2318
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:57:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 56700
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 79789
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6386 bytes)
Hash
d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 79502
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 79242
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9935 bytes)
Hash
55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 79428
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 79110
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1104
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sat, 24 Sep 2022 19:57:38 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 491
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sat, 24 Sep 2022 19:57:38 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7963 bytes)
Hash
5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 79243
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?80

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?80
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@600&display=swap?80 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 19:57:36 GMT
date: Sat, 24 Sep 2022 19:57:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/tag/bvsqia2v2y?ref=gtm

13.107.213.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=3cc0d1e696054a03b31dd17de267ff19.20220924.20230924; expires=Sun, 24 Sep 2023 19:57:37 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0MWEvYwAAAAAB8217tb5aQ4QM6vvQNj9eQU1TMDRFREdFMTkxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 24 Sep 2022 19:57:37 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato&display=swap?80

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato&display=swap?80
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato&display=swap?80 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 19:57:36 GMT
date: Sat, 24 Sep 2022 19:57:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.41/clarity.js

13.107.213.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.6.41/clarity.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0MWEvYwAAAACY0r3EyctZTbnDwqqVHGOlQU1TMDRFREdFMTkxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 24 Sep 2022 19:57:37 GMT
X-Firefox-Spdy: h2

wemeettoday.com/ascripts/gcu-2.8.3.js

104.21.95.141

200 OK

0 B

URL HTTP/2
wemeettoday.com/ascripts/gcu-2.8.3.js
IP
104.21.95.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ascripts/gcu-2.8.3.js HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:57:36 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 07:04:10 GMT
etag: W/"61fa2cea-1737c"
expires: Sun, 18 Sep 2022 08:31:53 GMT
cache-control: max-age=86400, public
x-77-nzt: AblMCgE/DWv/rKAAAA
x-77-nzt-ray: VuTdk965/YQ
x-cache: HIT
x-age: 41132
x-77-pop: amsterdamNL
x-77-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ueM09jNWb4nC5PyuHU34mvU2cwS9cCNRTb2%2BS662AVme%2FrgwJy70IvG8qIeV45awuHoh6rRyvsyc9s3Dudq0X%2B0M5A7%2FSmdW5Sb1idU0fCYxrBV1YPkGhON0j%2BCgzbosQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fe1710cd580b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations