Report - we-meet-today.com/?sub1=6324bdb5a5996400016d4ad1&sub2=&affiliate

Report Overview

Submitted URL
we-meet-today.com/?sub1=6324bdb5a5996400016d4ad1&sub2=&affiliate_id=1698&source=&mst=2&sub3=
IP
172.67.154.135
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-16 18:17:48
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T10:42:19Z	329 B	737 B	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	943 B	54.230.245.100
b.clarity.ms	3462	2021-07-27T14:49:08Z	2023-03-17T09:51:19Z	437 B	294 B	20.75.32.255
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-17T08:44:25Z	372 B	75 kB	142.250.74.72
wmt.datingtopgirls.com	unknown	2022-06-09T08:35:36Z	2023-02-27T12:22:50Z	384 B	63 kB	31.220.24.141
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	73 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.35
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	3.6 kB	7.7 kB	142.250.74.3
sap.prprocess.com	326576	2019-10-06T14:03:13Z	2023-03-11T22:17:45Z	353 B	514 B	131.153.42.228
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-17T05:11:26Z	738 B	24 kB	104.212.67.244
c.clarity.ms	803	2021-02-04T00:22:47Z	2023-03-17T05:11:26Z	821 B	1.2 kB	20.234.93.27
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.3 kB	6.2 kB	23.36.76.226
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-17T05:16:52Z	1.9 kB	3.8 kB	139.45.195.8
d.pssy.xyz	unknown	2022-01-18T01:00:45Z	2023-03-17T05:16:44Z	395 B	550 B	23.235.244.212
cdn.onesignal.com	3015	2015-04-22T15:41:50Z	2023-03-17T08:05:15Z	362 B	495 B	104.18.225.52
we-meet-today.com	unknown	2022-05-24T09:34:05Z	2023-03-17T05:44:44Z	8.1 kB	86 kB	104.21.80.226
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T10:24:23Z	796 B	2.3 kB	142.250.74.10
icalendar.datingtopgirls.com	260095	2022-06-02T09:08:49Z	2023-03-17T05:44:44Z	365 B	2.1 kB	31.220.24.141
wemeettoday.com	unknown	2020-12-29T09:41:40Z	2023-03-17T09:10:08Z	2.1 kB	3.5 kB	172.67.170.116
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-17T05:09:38Z	722 B	563 B	216.239.32.36
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	35.165.41.15
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-17T10:40:56Z	469 B	694 B	142.250.74.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T10:38:51Z	959 B	38 kB	142.250.74.163
botd.fpapi.io	297160	2021-06-11T12:56:14Z	2023-03-17T05:44:45Z	446 B	514 B	34.193.63.206
c.bing.com	247	2012-05-22T12:26:32Z	2023-03-17T05:11:27Z	460 B	855 B	204.79.197.200
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-17T10:59:38Z	373 B	43 kB	142.250.74.46
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-17T09:53:07Z	656 B	1.9 kB	104.18.32.68
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-17T10:38:58Z	474 B	563 B	142.251.1.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	we-meet-today.com/tt	Phishing
2022-09-16	medium	we-meet-today.com/fav/wmt/css/tt/01/app.css?80	Phishing
2022-09-16	medium	we-meet-today.com/fav/wmt/js/general.js?80	Phishing
2022-09-16	medium	we-meet-today.com/js/main.js?80	Phishing
2022-09-16	medium	we-meet-today.com/js/script.js?80	Phishing
2022-09-16	medium	we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js	Phishing
2022-09-16	medium	we-meet-today.com/js/notify.js?80	Phishing
2022-09-16	medium	we-meet-today.com/fav/wmt/img/tt/01/logo.svg	Phishing
2022-09-16	medium	icalendar.datingtopgirls.com/icalendar.js	Malware
2022-09-16	medium	we-meet-today.com/fav/wmt/video/tt/01/1.mp4	Phishing
2022-09-16	medium	wemeettoday.com/ascripts/gcu-2.8.3.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	pssy.xyz	Sinkholed

JavaScript (30)

	URL	Size	First Seen	Last Seen
	we-meet-today.com/fav/wmt/js/sektor.js?80	4.5 kB	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/fav/wmt/js/sektor.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:25 Last Seen2024-02-02 00:56:36 Times Seen150 Hash ae2f31e58981cfe5f8aa90fc0a97e3a1 f90868a52df7cd9430c1b89a299dcdc0f230177f dccc44a5b344ec5e0f52d24a383bca3b15c632d3d168bfe4347432526fef2276 Loading...

	onesignal.com/api/v1/sync/9aa670f7-284e-4992-a65a-f76f7897c873/web?callback=__jp0	3.7 kB	2023-03-17	2023-03-17
Pretty URL onesignal.com/api/v1/sync/9aa670f7-284e-4992-a65a-f76f7897c873/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash ecc2c690b95dfbef5ace053f01816f6c c40041de4b77321ea6a82c300a715f751d7639ad 923e3e61d48e81dc10ef649415513a5edaf0d3438f70cc7b020e57079913afa2 Loading...

	www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c	214 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash f1a7dc8671effa485a7d8b89b0ae9002 7d55f68872231ac34a93e5a55f890ee86beb645e 1e598b63688a78a9d38ac8d415912eeaf958a469273a66cc815e70efc8cf9a00 Loading...

	www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM	109 kB	2023-03-17	2023-03-17
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:43:50 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 36d909471b186d4f695d52dd777657b8 2800977dd4cdcb0bb6a0cd33d3ccd2ea32ad5d8b 222b848f9f6d2718519b4d2469426253a207f433e441ee5fc09ddf352e8176a2 Loading...

	www.clarity.ms/eus2/s/0.6.40/clarity.js	55 kB	2023-03-07	2023-08-11
Pretty URL www.clarity.ms/eus2/s/0.6.40/clarity.js IP 104.212.67.244 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2023-08-11 03:38:39 Times Seen27 Hash c238c096f4ff077be41b8296711e8641 a50be06611656993022a860865c30f85e8ff7832 bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260 Loading...

	we-meet-today.com/tt	244 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen123 Hash c2d7fd0076f5e94198e0b8df53b52f2f 6677090bec52a47a8a71b12f38df2a13acf30ed3 db5589938f906525089cad0aaf2d24848b46d1c3afa382c72a0e0cb15517bb4c Loading...

	we-meet-today.com/tt	475 B	2023-03-17	2023-03-17
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 7f216f81e4ddad8bdf50785f1cb2dda4 48a34b04e8e8dd569715626e05ead0759d5f9620 93336c6ca22e2b18f3a71b6618083a4adf0498020ba7f9593ab9667c9007f6a3 Loading...

	we-meet-today.com/tt	352 B	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 38284d3542bae93edd9c02c50ab14d45 5ba94ebd6abb0532440d433b6df384007a38e60d 25dd4dfb5bfbf45b4dc7dab5cfa540a325ac31b5780766ff2919507786509260 Loading...

	we-meet-today.com/fav/wmt/js/tt/01/app.js?80	9.1 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/fav/wmt/js/tt/01/app.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 7b33a5f2005051a749983a0c5277cc3a 27f8bf3326bdf83d00b19f49d6761fcc3dc095fb 975773fc0f76af5d16ea46bf27632ee36198a3cd03ef56f7034ed7f75da5e811 Loading...

	www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN	212 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 019ccaece9ec62c6483b7abfab182646 53a7f0150bee2e8865e6091b55e07ab04d88aef3 260326ea2faefb8d1b62d37a81b25137867e4e4788158338e13c7a690929c400 Loading...

	icalendar.datingtopgirls.com/icalendar.js	5.9 kB	2023-03-07	2023-03-17
Pretty URL icalendar.datingtopgirls.com/icalendar.js IP 31.220.24.141 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 1542e1c96753770e587968d803376c9a c49a24c38a498620e420951e65ddf65f46dda447 2887db4531172d1c88a4d6b55bda50c5f0dacb95918e2666129cda5d8ec98a8b Loading...

	www.clarity.ms/tag/bvsqia2v2y?ref=gtm	1.4 kB	2023-03-07	2023-03-17
Pretty URL www.clarity.ms/tag/bvsqia2v2y?ref=gtm IP 104.212.67.244 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:51 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 7a5f7d5aa2a5020f4d11c361e0110f5b 0e3bc727dedcd198b8329bac0a6ef1a461fc14a1 c87dc6162512b082483ad622f76dc60fb7527871c4b7bcece5aebfc5a36fcc1d Loading...

	we-meet-today.com/tt	33 B	2023-03-07	2023-10-16
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:52 Last Seen2023-10-16 08:02:38 Times Seen117 Hash 8dbba962f13697f99ed698b6c7b8bff1 2780151745bf59ad74e28bac3be556a13d160596 798f3fd7c6503da88144be4e39f30d1c056b0cdff5deab0b2a752642f20f35f3 Loading...

	we-meet-today.com/tt	181 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen124 Hash ff011f0cb72b358b522a578437cac65f 2538907faf1f40db704a2c4738dc1b41bef3bac1 0607af71e7799808b08043230410f0385ccb521197e0f1c0bb816966c71da696 Loading...

	we-meet-today.com/tt	999 B	2023-03-17	2023-03-17
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash d1cc608562f68b8ba7861e1d072d5580 cb6048ad1501acbac8489fc7fc4436f3613780ca 1bce4afbea00a9e882b01917a3fd51d19807d792851714f1c944d093896dd577 Loading...

	we-meet-today.com/tt	381 B	2023-03-07	2024-04-25
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-25 08:02:51 Times Seen483 Hash 2d63d2fc063a3b79517968ef422bfae2 3f5020fc07330429b607f808fc5373f5bede54a0 5c0085f5aec987d46f3ebd4a6ed616c806878b0a82cf6f8c926cb41925d637d1 Loading...

	we-meet-today.com/js/notify.js?80	2.9 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/notify.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:25:21 Last Seen2023-03-17 12:47:52 Times Seen1 Hash a36984dbb2e2fc58ceed2df6de66fce3 43f4bbef2dd1fd000abf72336ccfb901d5b102d2 9a4a793d9d5fdb3d9c959cfb8aa98177439dcc67c1255520073fc2403692aa42 Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	we-meet-today.com/js/main.js?80	24 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/main.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:41 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 2cc8c012627c00ba257b84425b55e9e4 1fc7ad744f1eb3f195140dace57eecc62d2fd80f 4eed62e402335ca04f23bef09046e4c62acc16d67482e6089d114354b77dbbdf Loading...

	wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1663352240947&t_i=1663352241181&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&nav_rc=1&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6324bdb5a5996400016d4ad1&fpid_sa=1663352241181&fpid=&feid_sa=1&sid_sa=1&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%225a5c9975343f5e32df32f80e1b9517b4%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.37&cb=gl.cb.pv	65 B	2023-03-17	2023-03-17
Pretty URL wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1663352240947&t_i=1663352241181&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&nav_rc=1&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6324bdb5a5996400016d4ad1&fpid_sa=1663352241181&fpid=&feid_sa=1&sid_sa=1&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%225a5c9975343f5e32df32f80e1b9517b4%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.37&cb=gl.cb.pv IP 172.67.170.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash e2a89db989d3e64ad0cc32a22e2fc061 3d55f6a88d69a1751aa9622a8be5c3d0e8a8b17a b58fdabac705f38cf7b1feeaef82e482e36ed8b396ff90ca29edbff57a1899f1 Loading...

	we-meet-today.com/tt	100 B	2023-03-07	2024-02-02
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen139 Hash 6657d5cb319244c6cf4c7378f47596e1 cb008f36db33ff73fa420f12425c18e65a3053ff 1bbc661e1e53aa8c4b872fba1e02a35e276b0a21bfe29d3c93a57257d6546aa6 Loading...

	we-meet-today.com/tt	269 B	2023-03-17	2023-03-17
Pretty URL we-meet-today.com/tt IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash 5585c4e0c09f162c2038802a7777ff34 9909766e0af4c74a6fdfb8d18729a54c869f4a83 909b5f6a64e5ced73b13b022e946314c1d5309d826fb28b65aa5c5e32e4f1e38 Loading...

	we-meet-today.com/fav/wmt/js/general.js?80	2.6 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/fav/wmt/js/general.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:08 Times Seen1 Hash ac2980b954f5c825ae247ec465cdf7b3 b2ed269ed49acec959ae8119556c15c60e51d389 59a52073e4b2e90786ca246b5d6d72b957beccf8ebe8c50ecee74a6005b3cbce Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX	157 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:47:08 Last Seen2023-03-17 12:47:08 Times Seen1 Hash db9eda3dc6dab198686b4cb56b45e8c1 9188d8cfcf4e1bfa12d573f8e41d1fbe3749910f 84cf58e8252bf4f85be28f3a6c005ac8c6cd2c1d3e9f305ae23767b794111640 Loading...

	we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-10
Pretty URL we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-05-10 19:22:57 Times Seen12291 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.225.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	sap.prprocess.com/goal.js.php	424 B	2023-03-07	2023-07-08
Pretty URL sap.prprocess.com/goal.js.php IP 131.153.42.228 ASN #20454 SSASN2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-07-08 01:49:34 Times Seen11 Hash a560cbf5e819c9c2102c3ef72b211052 ec60a4f96f8bee5d1791a3042df9f50a147b40bf 3373fd2c593fa26443172f9a9f13e98aed86e755d8834d085235405d1657f21a Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5	697 B	2023-03-07	2023-03-17
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 7810e171104615cbf47646d929eb2f07 6186265ba25a5d3c24e3045237c4dd2b405914b6 a6a952ca48c1eb05cf81aaa8d867561ad7d150a12b5588e85649c021ddaead31 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6	697 B	2023-03-07	2023-03-17
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash e72d2fbeb919684f0a71052821b2fd59 4c0a3f37d9b9498017675cdd8ce7bda445a1a7e6 903783351b6462d0d9cf234644c4246ec124868a614610d1179ba82f9674d693 Loading...

	we-meet-today.com/js/script.js?80	12 kB	2023-03-07	2023-03-17
Pretty URL we-meet-today.com/js/script.js?80 IP 104.21.80.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 18e3029678fdb51658bdca1782a4b136 10165baf9a97ae5f2b4d1f9d50f56c90b05bb9a2 44624f0605cd4a8aa254792293185bace14ba40f412e8c760e415b8561f6e4f0 Loading...

HTTP Transactions (76)

URL IP Response Size

we-meet-today.com/?sub1=6324bdb5a5996400016d4ad1&sub2=&affiliate_id=1698&source=&mst=2&sub3=

104.21.80.226

302 Found

0 B

URL HTTP/1.1
we-meet-today.com/?sub1=6324bdb5a5996400016d4ad1&sub2=&affiliate_id=1698&source=&mst=2&sub3=
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?sub1=6324bdb5a5996400016d4ad1&sub2=&affiliate_id=1698&source=&mst=2&sub3= HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hashid=48c4b3ba0c524107ad821c557b73942e; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
country=Norway; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
region=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
country_code=no; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
latitude=59.9127; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
longitude=10.7461; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
tour=1; expires=Mon, 15-Sep-2025 18:17:37 GMT; Max-Age=94608000; path=/
hashid=063c8f14c1638f599c4347ddcfcd0ead; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=6324bdb5a5996400016d4ad1; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=1698; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=2; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1663352257; expires=Sat, 17-Sep-2022 18:17:37 GMT; Max-Age=86400; path=/
push_v2=48; expires=Fri, 23-Sep-2022 18:17:37 GMT; Max-Age=604800; path=/
Location: /tt
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3UVH20zywpIpbaJyVl2uxtpbVqit4YCKpn%2F2RmKgN31hDiKSI1Fe%2BSS5jhh8p%2BpLH%2BMzP7IpGpeskpVW%2BxydWOJwol6ZqlpJHg418zsPFptKnNWNwutlj%2FwqNlnG2M2m6iiqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9996bdabb4f3-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 17:19:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zw-JMmjpAPryRhuy45vlFEKeQMhgTXvrEWF7XmPQOBg10sr3vS1oEg==
Age: 3485

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Fri, 16 Sep 2022 19:36:26 GMT
Date: Fri, 16 Sep 2022 18:17:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0ol970Gta8XwVvD_jb-aLUQhvyso5jD1VQxo8lrUeVaK7vNT-Zbrtg==
age: 49342
X-Firefox-Spdy: h2

we-meet-today.com/tt

104.21.80.226

200 OK

6.3 kB

URL HTTP/1.1
we-meet-today.com/tt
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2912)
Size
6.3 kB (6335 bytes)
Hash
58fd7ed932c0a98878ed1389a1e993fa
9adde1f72a0209b9c8b6d258cf8c8445f4e137f4
0d07aa0cf170b0391976f8ac6c6c8508d94ebe18b02e38934e8b29f7dd494f2d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /tt HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; expires=Sat, 16-Sep-2023 18:17:37 GMT; Max-Age=31536000; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ai8mwthee4NAL9dHZb4Dmr2qufxfXdqZtJ2kWrNdy3uJkh7GAly%2B2dHEkZfNHdPjCv%2FjHrhnMZHkdnKngWxj3i10UEIvB77I4QmR0H6VeWqTWNWCg5jfq9UZpT7GnK32wOZbYw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9997bf2cb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 18:17:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/css/tt/01/app.css?80

104.21.80.226

200 OK

5.0 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/css/tt/01/app.css?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.0 kB (4987 bytes)
Hash
6f942d1983663daa4edc3a1bc4274f2b
237eea6a754e05c20224dc80f8b64146328f1ad7
658ef0bfe579f4296a02e8a864e4426b9d46f058353a776fe908d4fd2032d56f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/css/tt/01/app.css?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 May 2021 14:26:27 GMT
ETag: W/"60ad0913-52c1"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYNqDixMnNxzeDGXs%2BUPW6g01VQIHHYZKYzDGmY%2BPOfqYyN%2BHf0wm%2B4PCHcWIwJHJNvrfLR1exq9y9fsMyje3Nryla%2BQqqmW5Hnh6VnXvdcOe843KXozcKeA0f4rrKp5OYRQJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998c8b5b4f3-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/css/additional.css?80

104.21.80.226

200 OK

2.3 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/css/additional.css?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.3 kB (2343 bytes)
Hash
b1acf4ef68827b14106ab74591ab4b8f
9714a07c36a44a5639f042841a89ca031aa02da4
c45cad606d40451a732068b4b9ffda664bb011ba1b4483852ca86b11f3627ce3

HTTP Headers

GET /fav/wmt/css/additional.css?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Aug 2021 11:07:47 GMT
ETag: W/"611b9883-1bc8"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79tyzWlWK790lOxcNRjTYkVAG6FN1orCg1DpglrfRBjz5MBS1MqHhcSWUun%2F0OX0NE2QhUIoe5%2B8hLDYrzHDiseGwhgkKfllEhiDeNa86UCE69BaHhYh1YqQ4N2RGoFThc1PUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998cef4b51b-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/js/sektor.js?80

104.21.80.226

200 OK

1.6 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/sektor.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.6 kB (1616 bytes)
Hash
f74913a553af03fcb5d16688f40f09ff
163796aaccdd159d276ab20e53729a8f73462ec6
8f709ff8c497a8b1805f81b9fa0cc4f8c92d8cb451ee886d62bb51fe1af0daff

HTTP Headers

GET /fav/wmt/js/sektor.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-116b"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNR0ygavsMOqvryKTGVFpN3ux76j1lPRMDHSFur9ohPrBTEaBu1e7qI7LstzWq9iuCzcDsVeKwb%2BmvO%2BPkgW2SzksHPAnZRBYQULFTTPiYMJWLXrPHcRMiNTikzi9pPGb7nodw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998f8f6b4f3-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/js/general.js?80

104.21.80.226

200 OK

1.1 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/general.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1085 bytes)
Hash
53a993fa7b998158d09cfa71c176e1b3
a454d10374164db2b33eba2c0c2c3d0e63089345
207be534410d95c70aef0128cc7522b8a49426a14130208c4ad6c4d52f95f9df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/js/general.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 12:52:03 GMT
ETag: W/"62c2e273-a07"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1%2BrWLO9li1vkUUyb%2B6JSafpL9SPkkEeMLV%2B5jgos8dLlRkFtztvRPwcdYNfSA%2FM%2BRAJ5kWizyY%2FvmP9xut4fRRdg5XwknnYHDfXE7ZCGhv0eYcJC1BIHOBujbkZYBhOq083og%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998ef19b51b-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/js/main.js?80

104.21.80.226

200 OK

5.3 kB

URL HTTP/1.1
we-meet-today.com/js/main.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.3 kB (5310 bytes)
Hash
25a789a4e3b8690534449ad6c71d895a
3b6785430ece316753c62f6f2facaadd7408e337
6800a5801037fc30a1854e07b2cc109e5410347609bf456421b9b7a5a4ec8668

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/main.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:41:39 GMT
ETag: W/"631f4523-5ce5"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t40xdptuCSSb1A%2F5kf%2FVszzYmZd4pNytB3Blu3TyKTvluBnmZ3%2BwIMpFpZwgjC%2B3Jv%2FD9S%2Fy4qnDF%2FNVPWwUkzbHJ3IIq3smiEmAiEbLJ%2FKTiQQpjeMRQZf5nv8MWrrVm8f1jA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998d9eab524-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/js/script.js?80

104.21.80.226

200 OK

4.0 kB

URL HTTP/1.1
we-meet-today.com/js/script.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.0 kB (4018 bytes)
Hash
04adeb405dede58025cf9356150fb279
c3793270be2dfe5e11be8a4d6e61a487380cf627
405041e51d67459230b8919dd7192a16a1aa29fd08407257cf4919e013072d23

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/script.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Apr 2022 13:31:39 GMT
ETag: W/"624ee7bb-30a3"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsX%2B8gGPOWIahl%2Be0Q29YW2G0THYNzl6ir4eXqHQ2hC46XkaKFXFtVjih5mJaNw3G7KsYlrQO51mhHWZG0m5pZJaSFK7wwPhLQD5t3LqluyGucnMz0ehpkaYEiCs6z4NOB6WhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998de42b4ff-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js

104.21.80.226

200 OK

35 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/jquery-3.3.1.min.js
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35293 bytes)
Hash
6bf2d76cb230a7aa9826611fda6744d8
fdfb5f5a10b395c57feb07e07f15bc23ad5f617c
70c7f7e865d8a5e685595c8994211a46bffa65949f756f49f27cc3c22d1d192b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/js/jquery-3.3.1.min.js HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-15339"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNbydaPmffafEzz4FH0ekZ8sal%2B1yb8sSSKM%2F3Gn9aP9Q3gRYBrwzsb0FDbrxkjH9xlOxgGjqSyT5SQJiZWoCbTwU0uxP%2BfVLrong2uXoQ4HWPSmqMa1z43I03%2BI2tg9BmBYIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb9998cfde0b02-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/js/tt/01/app.js?80

104.21.80.226

200 OK

3.1 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/js/tt/01/app.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.1 kB (3102 bytes)
Hash
6e75062eb72db06bf88f35028c6e8af7
ec9d1ce8b2a9529d1fb7d8e59cc699126b70392d
7772cfab7a78873d826495826492b63fdc7684862ee425431a6b4298127334f4

HTTP Headers

GET /fav/wmt/js/tt/01/app.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 10:35:00 GMT
ETag: W/"62da7d54-236e"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMaicaRTttVYaGgghS8fNKupwmEXeAB1jW0VtmBjxXHl8vHr2kWRK0nnhtys87fbcz8hSCw52BvYf4%2BIpTMDkXs7V8dWEuYyZ80clMdjYs1HDJBuLTc5DW9HIFvwuybZybStDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb99992f5bb51b-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we-meet-today.com/js/notify.js?80

104.21.80.226

200 OK

1.1 kB

URL HTTP/1.1
we-meet-today.com/js/notify.js?80
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1096 bytes)
Hash
3b2d92e9efee2e0f9c3ccb0a2ae6bfcb
75d1b601260e855515dde0311fae850c5e06ea4a
0f3e5cf310cd33af2898491caa7351f8825b08e143ba8f26c7d007063c4aed8f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/notify.js?80 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 14:41:39 GMT
ETag: W/"631f4523-b54"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOOYIKpp3A9DYGh2lb5lO5l8e83%2FnvYDD7HQb%2BjAzTzXpuHgPOTFbfHuoeMQ8ZP9NaZ2WQTvEJzyBrjQdkLGaoZ2EH3ualf2efXWCdT16C4jhwovP6SHKeHWOopfn%2BoYJ9Vh7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb99993945b4f3-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN

142.250.74.72

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-C27SH5W4XN
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (17807)
Size
75 kB (74710 bytes)
Hash
fa2003b5d2bbb4a712b7aabc90a72102
ea29a73c48d69dcab262556a59e1bd4398a8ea9a
e63090ed1a93a1950ed5e962eb05cbc5041522b3b267af569ade025a50320985

HTTP Headers

GET /gtag/js?id=G-C27SH5W4XN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 18:17:37 GMT
expires: Fri, 16 Sep 2022 18:17:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/img/tt/01/user-1.jpg

104.21.80.226

200 OK

3.4 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/img/tt/01/user-1.jpg
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Size
3.4 kB (3430 bytes)
Hash
e25421fcd356f9ad3925d5acb670d448
73d3da0ca8a41a87ab5940b62b46205250973c47
925848eae3e2c433683cc6bc8368d737b108d8da3ea07da846106f66eba2fe73

HTTP Headers

GET /fav/wmt/img/tt/01/user-1.jpg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: image/jpeg
Content-Length: 3430
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: "5fec4299-d66"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnPCzAHGUkZccJEbQQ9%2FoPMMCo%2BTZyB4mba6tyMNNL37kM2HgkUse1c1SQ3D0l5AfxBC6x79qdc0jEiDbCFK3luBzBKJNXyAsMkqS9PTyPW7x0hWzedIgbsfjFxtan5LaMl%2Fdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb999998b50b02-OSL
alt-svc: h2=":443"; ma=60

we-meet-today.com/fav/wmt/img/tt/01/logo.svg

104.21.80.226

200 OK

3.8 kB

URL HTTP/1.1
we-meet-today.com/fav/wmt/img/tt/01/logo.svg
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (890)
Size
3.8 kB (3843 bytes)
Hash
594f2270cfe03bdab6170038d5cca208
e254f6a8d6f7e39d93dd9c8d8dff17115b8b5bc2
dd4d206ae9098e0aba8141ae500f68e0cad33d878bad9180cf98d08446520b3e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/img/tt/01/logo.svg HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:04:25 GMT
ETag: W/"5fec4299-2006"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRgQG42%2FI%2BRNne9%2BQhMmfKAlAqk8VS7yysoyIX3%2F03Wm78KcKyORbWgxZPCI2NDYyWkBzQJCcxPLICN5oeA0v685pG93mSR4GBflFB5386aMIaXLoVNmU35jkgBCTTgoTa2YhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb99999b08b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css?family=Lato&display=swap?80

142.250.74.10

200 OK

800 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato&display=swap?80
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
800 B (800 bytes)
Hash
948664e1d3df0cd93f669eb6165b9686
45625964a73be8bc7a3f2cd55c3026002159adf5
957dcc580ec7be3580042448ced6d1a7f57b902da07a15a1cca1bed27b797807

HTTP Headers

GET /css?family=Lato&display=swap?80 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 18:17:37 GMT
date: Fri, 16 Sep 2022 18:17:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1775cea5b931bb2812e82a4b46227d02
30e6a27be06adf12dbc0b3d2d33382202882e39c
82ceba11ff48d4d9856189daf9a0762087e77b90549ff626a9f0b1f6e705c9a0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82CEBA11FF48D4D9856189DAF9A0762087E77B90549FF626A9F0B1F6E705C9A0"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12875
Expires: Fri, 16 Sep 2022 21:52:12 GMT
Date: Fri, 16 Sep 2022 18:17:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1775cea5b931bb2812e82a4b46227d02
30e6a27be06adf12dbc0b3d2d33382202882e39c
82ceba11ff48d4d9856189daf9a0762087e77b90549ff626a9f0b1f6e705c9a0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82CEBA11FF48D4D9856189DAF9A0762087E77B90549FF626A9F0B1F6E705C9A0"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12884
Expires: Fri, 16 Sep 2022 21:52:21 GMT
Date: Fri, 16 Sep 2022 18:17:37 GMT
Connection: keep-alive

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

1.8 kB

URL HTTP/1.1
icalendar.datingtopgirls.com/icalendar.js
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text
Size
1.8 kB (1796 bytes)
Hash
d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Apr 2022 08:51:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6259322b-173d"
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:10:21 GMT
expires: Wed, 13 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 263236
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3080fa9f451821dbd4e5f69e629a4c07
330db6a2881d9f102c6c885ba3a1474f23c5ff03
ee8bb98479eda6850e97cdc5f2ba10e996d164820e9675f7d791aafd5628f113

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE8BB98479EDA6850E97CDC5F2BA10E996D164820E9675F7D791AAFD5628F113"
Last-Modified: Wed, 14 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Fri, 16 Sep 2022 20:23:05 GMT
Date: Fri, 16 Sep 2022 18:17:37 GMT
Connection: keep-alive

wmt.datingtopgirls.com/util/1-small.jpg

31.220.24.141

200 OK

63 kB

URL HTTP/1.1
wmt.datingtopgirls.com/util/1-small.jpg
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data
Size
63 kB (62808 bytes)
Hash
30737574deb1bfc2fbe5ccb5ced7b656
12f02e651c9d3ac340c23aede3b2d9409194d6f5
711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29

HTTP Headers

GET /util/1-small.jpg HTTP/1.1
Host: wmt.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: image/jpeg
Content-Length: 62808
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-f558"
Accept-Ranges: bytes

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Size
13 kB (12700 bytes)
Hash
e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 01:43:53 GMT
expires: Sun, 10 Sep 2023 01:43:53 GMT
cache-control: public, max-age=31536000
age: 578024
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM

142.250.74.46

200 OK

43 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
43 kB (42651 bytes)
Hash
ad6ac34212f7803f4d0d5f587251c46e
7b6076e3e0b73227f9ff46937d20e69d55f661e1
582c61a23f44b8145da4785f3f817876083c95237c41778cc376254efb42a46a

HTTP Headers

GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 18:17:37 GMT
expires: Fri, 16 Sep 2022 18:17:37 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sap.prprocess.com/goal.js.php

131.153.42.228

200 OK

262 B

URL HTTP/1.1
sap.prprocess.com/goal.js.php
IP
131.153.42.228:0
ASN
#20454 SSASN2

File type
ASCII text
Size
262 B (262 bytes)
Hash
2981ab0dc3b24790981241be18df8ff6
4fb1f2538e534d9a99cb72ca7dc927fb239ed377
6292f81b848047627ab93d7b235cd9a2358e936ba8f2b2cd36553d253d120a60

HTTP Headers

GET /goal.js.php HTTP/1.1
Host: sap.prprocess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
mime-type: application/javascript
Access-Control-Allow-Origin: *
Content-Encoding: gzip

wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1663352240947&t_i=1663352241181&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&nav_rc=1&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6324bdb5a5996400016d4ad1&fpid_sa=1663352241181&fpid=&feid_sa=1&sid_sa=1&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%225a5c9975343f5e32df32f80e1b9517b4%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.37&cb=gl.cb.pv

172.67.170.116

301 Moved Permanently

162 B

URL HTTP/1.1
wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1663352240947&t_i=1663352241181&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&nav_rc=1&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6324bdb5a5996400016d4ad1&fpid_sa=1663352241181&fpid=&feid_sa=1&sid_sa=1&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%225a5c9975343f5e32df32f80e1b9517b4%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.37&cb=gl.cb.pv
IP
172.67.170.116:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1663352240947&t_i=1663352241181&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&nav_rc=1&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6324bdb5a5996400016d4ad1&fpid_sa=1663352241181&fpid=&feid_sa=1&sid_sa=1&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%225a5c9975343f5e32df32f80e1b9517b4%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.37&cb=gl.cb.pv HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/

HTTP/1.1 301 Moved Permanently
Date: Fri, 16 Sep 2022 18:17:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=pageview&url=http%253A%252F%252Fwe-meet-today.com%252Ftt&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1663352240947&t_i=1663352241181&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&nav_rc=1&nav_nt=NAVIGATE&p_nn=wemeettoday&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=6324bdb5a5996400016d4ad1&fpid_sa=1663352241181&fpid=&feid_sa=1&sid_sa=1&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%221698%22%2C%22source%22%3A%22unknown%22%2C%22page_id%22%3A%225a5c9975343f5e32df32f80e1b9517b4%22%2C%22tour%22%3A%22t%2F01%22%7D&t_op=0.37&cb=gl.cb.pv
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAEK4PeEyxL3lWn5Qwy1jUdI%2F4Q8wkAmeNXfmY7VJafMzTl1oOwXpaMRDpkbTvOzT7kPJD9C1G6sX21IlsYXSC7fHi%2BmxanKRpJyMsWV2FTt3o%2F0SdKO8ygZ9K7YuDlpuj0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb999c4d7eb4f3-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 16 Sep 2022 18:03:22 GMT
Expires: Fri, 16 Sep 2022 18:24:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9ceae6LK8_yUQhyYZxQQMCyMjC238r80LUp-G2LW7xd6swXyOjs6_w==
Age: 856

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=518260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74bb999caba9b4f7-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=518260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74bb999cd836b529-OSL

my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
e72d2fbeb919684f0a71052821b2fd59
4c0a3f37d9b9498017675cdd8ce7bda445a1a7e6
903783351b6462d0d9cf234644c4246ec124868a614610d1179ba82f9674d693

HTTP Headers

GET /p.js?f=sync&lr=1&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 18:17:38 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:38 GMT
Last-Modified: Fri, 16 Sep 2022 17:47:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
7810e171104615cbf47646d929eb2f07
6186265ba25a5d3c24e3045237c4dd2b405914b6
a6a952ca48c1eb05cf81aaa8d867561ad7d150a12b5588e85649c021ddaead31

HTTP Headers

GET /p.js?f=sync&lr=1&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 18:17:38 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
24d8b6a62d9ba0643ae2cf5e3b3e8c5a
e7af3b22f8c1d93c05fc7139534fc7efe721687f
6d6ffaf88b15d34861c3acf6b523ecc6a54bb109a3fa42eb662bf2ee321fae7d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D6FFAF88B15D34861C3ACF6B523ECC6A54BB109A3FA42EB662BF2EE321FAE7D"
Last-Modified: Thu, 15 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2436
Expires: Fri, 16 Sep 2022 18:58:14 GMT
Date: Fri, 16 Sep 2022 18:17:38 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
57849ebfee84b5129f0eb984e9547ad2
c2046b9bfbd65d0d86b772454f44c3e23697d2fa
129d6d39133cf5b69c7f040f6b6120fa7bc5e2c625f61e3deb1ce6a5597332d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 18:17:38 GMT
Last-Modified: Fri, 16 Sep 2022 18:15:29 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GXPOUMjiUOEzPkiPJhswVTjwr0ETHq8GQkp0Yi3QXllW9leNEvVBLw==
Age: 129

we-meet-today.com/favicon.ico

104.21.80.226

200 OK

546 B

URL HTTP/1.1
we-meet-today.com/favicon.ico
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
546 B (546 bytes)
Hash
2c50c27d15b9c17455956dd1092d04bb
aefadffd73aa16b667e82fb27411ec9f1a244ee0
0fb2aaf625eca930aa700f54bb18e8c523c8f2bac8a90bc3199111755801e804

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48; fpid=; fpid_sa=1663352241181; feid=82970728442ea880032ac93506f4831b; sid=b55f24a9337c62adf9a4aeab3d29eefc; feid_sa=1; sid_sa=1; utm=%7B%22ads_type%22%3A%22%22%7D; st_d=%7B%7D; _ga_C27SH5W4XN=GS1.1.1663352241.1.0.1663352241.0.0.0; _ga=GA1.1.1332813439.1663352242; _ga_Q7W6GLM2DR=GS1.1.1663352241.1.0.1663352241.60.0.0; xfeid=541ff36de510c52c76bd0ec40d875f66

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:17:38 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Dec 2020 09:27:36 GMT
ETag: W/"5fec4808-47e"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9DpoqFvYwTI5c9%2BiXgLuh8wJG7knlw5MONiMh3LeVYzpNYZS6DtJ%2FR1x59SnyTFUo0w4ZVBADrQBhjqepwJ%2FDxx5xj05k4W2IMAdktBny%2BgkjRaritm6WghB1irvqxVRLXqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb999fdb73b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe9e0&_p=1340807298&cid=1332813439.1663352242&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663352241&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe9e0&_p=1340807298&cid=1332813439.1663352242&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663352241&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-C27SH5W4XN&gtm=2oe9e0&_p=1340807298&cid=1332813439.1663352242&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663352241&sct=1&seg=0&dl=http%3A%2F%2Fwe-meet-today.com%2Ftt&dt=WeMeetToday.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Fri, 16 Sep 2022 18:17:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /zmpPCDGq1pO14FVLDVvjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3d3my/8jYquR/e6mCKC3dTJNVvs=

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1332813439.1663352242&gtm=2oe9e0&aip=1&z=32030483

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1332813439.1663352242&gtm=2oe9e0&aip=1&z=32030483
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1332813439.1663352242&gtm=2oe9e0&aip=1&z=32030483 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 18:17:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d.pssy.xyz/t.php?id=DauLyHxAwjxJzRREiSWdntAJ5cjtny

23.235.244.212

200 OK

20 B

URL HTTP/1.1
d.pssy.xyz/t.php?id=DauLyHxAwjxJzRREiSWdntAJ5cjtny
IP
23.235.244.212:0
ASN
#20454 SSASN2

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /t.php?id=DauLyHxAwjxJzRREiSWdntAJ5cjtny HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 18:17:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=e20b8026-1a20-4fb5-bb59-c3315d165aeb; expires=Sat, 16-Sep-2023 18:17:38 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
prg=1663352258%2CDauLyHxAwjxJzRREiSWdntAJ5cjtny; expires=Sat, 16-Sep-2023 18:17:38 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

botd.fpapi.io/api/v1/detect?version=0.1.23

34.193.63.206

401 Unauthorized

69 B

URL HTTP/2
botd.fpapi.io/api/v1/detect?version=0.1.23
IP
34.193.63.206:0
ASN
#14618 AMAZON-AES

File type
data
Size
69 B (69 bytes)
Hash
32ba2944a9fb9f71e7edc24a56593f3d
52b5da6230916b04a19d6f712ef247513831038c
e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9

HTTP Headers

POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Content-Type: text/plain
Origin: http://we-meet-today.com
Content-Length: 21459
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 401 Unauthorized
date: Fri, 16 Sep 2022 18:17:38 GMT
content-type: application/octet-stream
content-length: 69
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://we-meet-today.com
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1332813439.1663352242&gtm=2oe9e0&aip=1

142.251.1.154

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1332813439.1663352242&gtm=2oe9e0&aip=1
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1332813439.1663352242&gtm=2oe9e0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://we-meet-today.com
date: Fri, 16 Sep 2022 18:17:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/img.gif?f=sync&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=3a05d8de1e835641a4122cb3d37a0af24eaf56590b1281864cb22b8f126cbfe5&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 18:17:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=682006f536044d5ca1fad2e6ad5c5264; expires=Sat, 16 Sep 2023 18:17:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=7baf563de63d4c5cebd07a29a6b51c7eb1dcc7d6d9d09957dec27fe5801d2fa6&ttl=&rurl=http%3A%2F%2Fwe-meet-today.com%2Ftt HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 18:17:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6fd38494b1204ba7b9e70e358df5d165; expires=Sat, 16 Sep 2023 18:17:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.40/clarity.js

104.212.67.244

200 OK

23 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.40/clarity.js
IP
104.212.67.244:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54745)
Size
23 kB (23442 bytes)
Hash
6a87d835543a151541da0ae963173dd7
80bac2abc74d2fa93a63ff82514fd64ee8caf9a0
c806647a143cb92f41ed1e60c6be245cd4e78b447c90adbed881ca54ecfa7337

HTTP Headers

GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 23442
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8bd4806fdad30"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0w70kYwAAAADv7TVsv1CLQb/+1hgtykywRFhCMzBFREdFMDIxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 16 Sep 2022 18:17:39 GMT
X-Firefox-Spdy: h2

wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&u_adb=0&t_op=2.079&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1663352241181&fpid=&feid_sa=2&sid_sa=2&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&vn=S-2.8.3&s_rst=0&xfeid=541ff36de510c52c76bd0ec40d875f66&st_d=%7B%7D

172.67.170.116

301 Moved Permanently

162 B

URL HTTP/1.1
wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&u_adb=0&t_op=2.079&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1663352241181&fpid=&feid_sa=2&sid_sa=2&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&vn=S-2.8.3&s_rst=0&xfeid=541ff36de510c52c76bd0ec40d875f66&st_d=%7B%7D
IP
172.67.170.116:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

POST /t/event/v4?e_t=btd_err&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&u_adb=0&t_op=2.079&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1663352241181&fpid=&feid_sa=2&sid_sa=2&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&vn=S-2.8.3&s_rst=0&xfeid=541ff36de510c52c76bd0ec40d875f66&st_d=%7B%7D HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/

HTTP/1.1 301 Moved Permanently
Date: Fri, 16 Sep 2022 18:17:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wemeettoday.com/t/event/v4?e_t=btd_err&pv_uid=70509b97-8a3b-49dd-9bf7-e49d8659fa81&u_adb=0&t_op=2.079&p_nn=wemeettoday&e_d=%7B%22btd%22%3A%7B%22error%22%3A%7B%22code%22%3A%22publicKeyInvalid%22%2C%22message%22%3A%22publicKey%20invalid%22%7D%7D%7D&fpid_sa=1663352241181&fpid=&feid_sa=2&sid_sa=2&feid=82970728442ea880032ac93506f4831b&sid=b55f24a9337c62adf9a4aeab3d29eefc&vn=S-2.8.3&s_rst=0&xfeid=541ff36de510c52c76bd0ec40d875f66&st_d=%7B%7D
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0d1XrCwlG%2BjlXKXHBpVLPVOZsc3CBOopePRPxumx%2B458AR0xInM2VqYgamvFSqNdDCLCJIkOqVBksmvStSVjTR5mCRo30AqatsdQ%2BUTTpWDBMwIwe1BJ57WnQB6LpE3sI4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb99a70c5ab4f3-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7418
Expires: Fri, 16 Sep 2022 20:21:17 GMT
Date: Fri, 16 Sep 2022 18:17:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7418
Expires: Fri, 16 Sep 2022 20:21:17 GMT
Date: Fri, 16 Sep 2022 18:17:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9904 bytes)
Hash
e6d17788c7d2a1a91e68eff48df14bd1
8e1090346d90bc69e7a95384e6a7a01154e31567
1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JyXQcHKFIksMgLMROqOfV1ZqdFKSp3QSIlGmXuDR6h88o9J6s-mgkw==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:14:32 GMT
age: 72187
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12123 bytes)
Hash
f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 03:12:38 GMT
age: 54301
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10163 bytes)
Hash
3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J5lOTqdLhgg3Hzfw3b86ScfLkODllGEA_y9xUSxBxBCS4sI5nAWKZQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 23:35:10 GMT
age: 67349
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13536 bytes)
Hash
512280055633fcce9abc7d11a9816a24
de5c3e010fca76659455a144875a52c25fa72bdd
435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 73913
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12425 bytes)
Hash
da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dxJEH4Jh8lAZ0T28BZnFLhWczwZ7oOaspCmR-SWudP32cF3BQc6wmw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:56:40 GMT
age: 73259
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8435 bytes)
Hash
b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hhh1q_MrZVAaRWwmc1IuJbL3KhhwwHQgceaL15okbg4NvKJlWfUjyA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:02:34 GMT
age: 72905
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&RedC=c.clarity.ms&MXFR=183B12F77C776650309400D678776871
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=183B12F77C776650309400D678776871; domain=.clarity.ms; expires=Wed, 11-Oct-2023 18:17:39 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 16 Sep 2022 18:17:38 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&RedC=c.clarity.ms&MXFR=183B12F77C776650309400D678776871

204.79.197.200

302 Found

60 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&RedC=c.clarity.ms&MXFR=183B12F77C776650309400D678776871
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
60 B (60 bytes)
Hash
ffeb5e59ef3cd140057855e600b4f44a
350d7eb62010def0a578248042d03a93af978a51
10d372eb5107004f4349e5c4b3c39869d4d3a22050b7964f1d0411dfb1951a3e

HTTP Headers

GET /c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&RedC=c.clarity.ms&MXFR=183B12F77C776650309400D678776871 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&MUID=18C774799D04668D078866589C5367D7
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=18C774799D04668D078866589C5367D7; domain=c.bing.com; expires=Wed, 11-Oct-2023 18:17:39 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E271BAAFF4F342298C291E4784036848 Ref B: OSL30EDGE0420 Ref C: 2022-09-16T18:17:39Z
date: Fri, 16 Sep 2022 18:17:39 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&MUID=18C774799D04668D078866589C5367D7

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&MUID=18C774799D04668D078866589C5367D7
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=22D1B344874642FC824A9EFE0D8C35AB&MUID=18C774799D04668D078866589C5367D7 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://we-meet-today.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 16-Sep-2022 18:27:39 GMT; path=/; SameSite=None; Secure;
date: Fri, 16 Sep 2022 18:17:39 GMT
content-length: 42
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: http://we-meet-today.com
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://we-meet-today.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 18:17:39 GMT
X-Firefox-Spdy: h2

we-meet-today.com/fav/wmt/video/tt/01/1.mp4

104.21.80.226

206 Partial Content

0 B

URL HTTP/1.1
we-meet-today.com/fav/wmt/video/tt/01/1.mp4
IP
104.21.80.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fav/wmt/video/tt/01/1.mp4 HTTP/1.1
Host: we-meet-today.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://we-meet-today.com/tt
Cookie: hashid=063c8f14c1638f599c4347ddcfcd0ead; country=Norway; country_code=no; city=Oslo; latitude=59.9127; longitude=10.7461; tour=1; sub1=6324bdb5a5996400016d4ad1; affiliate_id=1698; mst=2; st=1663352257; push_v2=48

HTTP/1.1 206 Partial Content
Date: Fri, 16 Sep 2022 18:17:37 GMT
Content-Type: video/mp4
Content-Length: 458006
Connection: keep-alive
Last-Modified: Mon, 04 Apr 2022 13:40:02 GMT
ETag: "624af532-6fd16"
Expires: Sat, 16 Sep 2023 18:17:37 GMT
Cache-Control: max-age=31536000
Content-Range: bytes 0-458005/458006
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plwcaFT8%2FekGsmGgVswzZBJyhSjEycrdzG6V3VK7jII2thS3fEL7aRpPPL3OKhVeZSaW9PXFYIKS3ce4IJthV1G3fp625h2jqotmB%2FhdkWY9UMt39b3Py5aJH%2FgrI1XbNB%2FwKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74bb999aac6db524-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?80

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap?80
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@600&display=swap?80 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 18:17:37 GMT
date: Fri, 16 Sep 2022 18:17:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

wemeettoday.com/ascripts/gcu-2.8.3.js

172.67.170.116

200 OK

0 B

URL HTTP/2
wemeettoday.com/ascripts/gcu-2.8.3.js
IP
172.67.170.116:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ascripts/gcu-2.8.3.js HTTP/1.1
Host: wemeettoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:17:37 GMT
content-type: application/javascript
last-modified: Wed, 02 Feb 2022 07:03:32 GMT
etag: W/"61fa2cc4-1737c"
expires: Sat, 17 Sep 2022 08:31:51 GMT
cache-control: max-age=86400, public
x-77-nzt: AblMCgFs85b/SokAAA
x-77-nzt-ray: Muh9ZeB5phg
x-cache: HIT
x-age: 35146
x-77-pop: amsterdamNL
x-77-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9690JvcjBGbYosbck2v42Od5JioxFNa8iE7qeubaYXahzagevOuNwZknz3jrZSTN8R6NAwN%2BhYbEIyb6gljCdUJxlH7h%2B43U%2BvXEzYENzCouuUO%2Fk2nx7ZTrSBl2lUBi4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74bb999a38491c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.clarity.ms/tag/bvsqia2v2y?ref=gtm

104.212.67.244

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP
104.212.67.244:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=ec418ed1a9a64b03a1e58b0c860e0a05.20220916.20230916; expires=Sat, 16 Sep 2023 18:17:39 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0w70kYwAAAAAoxa9zFZoASK4klcR0UPqvRFhCMzBFREdFMDIxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 16 Sep 2022 18:17:38 GMT
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.225.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.225.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://we-meet-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:17:37 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 555
expires: Mon, 19 Sep 2022 18:17:37 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74bb99990887b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations