www.todayhotties.ru Open in urlscan Pro
158.69.126.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3k5GdSw
Effective URL:
http://www.todayhotties.ru/s/5af3ff4b5a866
Submission: On January 12 via manual (January 12th 2023, 3:20:26 am UTC) from AU — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 158.69.126.131, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.todayhotties.ru.

This is the only time www.todayhotties.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	219.234.31.171 219.234.31.171	139021 (WEST263GO...) (WEST263GO-HK West263 International Limited)
1 1	185.36.100.24 185.36.100.24	62403 (GO4CLOUD) (GO4CLOUD)
7	158.69.126.131 158.69.126.131	16276 (OVH) (OVH)
8	2

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 219.234.31.171 (China)

ASN139021 (WEST263GO-HK West263 International Limited, HK)

klcsl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.36.100.24 (Haarlem, Netherlands) 1 redirects

ASN62403 (GO4CLOUD, VG)

onlinedates.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 158.69.126.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns522380.ip-158-69-126.net

www.todayhotties.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	todayhotties.ru www.todayhotties.ru	1 MB
1	onlinedates.ru 1 redirects onlinedates.ru	261 B
1	klcsl.com klcsl.com	457 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4707	283 B
8	4

	Domain	Requested by
7	www.todayhotties.ru	www.todayhotties.ru
1	onlinedates.ru	1 redirects
1	klcsl.com
1	bit.ly	1 redirects
8	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.todayhotties.ru/s/5af3ff4b5a866
Frame ID: 80CB1472576484CFFBD2920500104D85
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best dating worldwide

Page URL History Show full URLs

https://bit.ly/3k5GdSw HTTP 301
http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysom... Page URL
http://onlinedates.ru/?land=64121 HTTP 302
http://www.todayhotties.ru/s/5af3ff4b5a866 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

4
Countries

1381 kB
Transfer

1381 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3k5GdSw HTTP 301
http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysomid.html Page URL
http://onlinedates.ru/?land=64121 HTTP 302
http://www.todayhotties.ru/s/5af3ff4b5a866 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3k5GdSw HTTP 301
http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysomid.html

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	omniformity_platysomid.html klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/ Redirect Chain https://bit.ly/3k5GdSw http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysomid.html	104 B 457 B	3383ms 313ms	Document text/html	219.234.31.171 WEST263GO-HK West...
General Check archive.org Show headers Download Go to Full URL http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysomid.html Protocol HTTP/1.1 Server 219.234.31.171 , China, ASN139021 (WEST263GO-HK West263 International Limited, HK), Reverse DNS Software wts/1.6.4 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 112 Content-Type text/html Date Thu, 12 Jan 2023 03:20:19 GMT ETag "68-5f1f3c874b540-gzip" Last-Modified Wed, 11 Jan 2023 02:30:25 GMT Server wts/1.6.4 Vary Accept-Encoding Accept-Encoding X-Cache BYPASS from WT263CDN Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=90 content-length 187 content-type text/html; charset=utf-8 date Thu, 12 Jan 2023 03:20:16 GMT location http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysomid.html server nginx via 1.1 google
GET H/1.1	200 OK	Primary Request 5af3ff4b5a866 Show response www.todayhotties.ru/s/ Redirect Chain http://onlinedates.ru/?land=64121 http://www.todayhotties.ru/s/5af3ff4b5a866	6 KB 4 KB	1342ms 844ms	Document text/html	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/s/5af3ff4b5a866 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `f8df8a848e2a9b08e622f7e42e4ea81cc153d4548cf57037aa78c6e117699489` Request headers Referer http://klcsl.com/wp-content/plugins/background-image-cropper/Phronimidae/omniformity_platysomid.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 12 Jan 2023 03:20:21 GMT Server openresty/1.19.3.1 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Thu, 12 Jan 2023 03:20:20 GMT Keep-Alive timeout=60 Location http://www.todayhotties.ru/s/5af3ff4b5a866 Server nginx X-Powered-By PHP/5.6.40
GET H/1.1	200 OK	style.css www.todayhotties.ru/bundle/657/assets/css/	6 KB 6 KB	56ms 55ms	Stylesheet text/css	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/bundle/657/assets/css/style.css Requested by Host: www.todayhotties.ru URL: http://www.todayhotties.ru/s/5af3ff4b5a866 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `1b5cba2f02c5d464192fe747c2fdd2619b5bed58f50041b56a2d41b1f30b7ee3` Request headers accept-language en-US,en;q=0.9 Referer http://www.todayhotties.ru/s/5af3ff4b5a866 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Thu, 12 Jan 2023 03:20:21 GMT Last-Modified Tue, 21 Jun 2022 20:48:46 GMT Server openresty/1.19.3.1 ETag "62b22eae-187a" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6266
GET H/1.1	200 OK	jquery.js Show response www.todayhotties.ru/bundle/657/assets/js/	84 KB 84 KB	88ms 45ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/bundle/657/assets/js/jquery.js Requested by Host: www.todayhotties.ru URL: http://www.todayhotties.ru/s/5af3ff4b5a866 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers accept-language en-US,en;q=0.9 Referer http://www.todayhotties.ru/s/5af3ff4b5a866 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Thu, 12 Jan 2023 03:20:21 GMT Last-Modified Tue, 21 Jun 2022 20:48:48 GMT Server openresty/1.19.3.1 ETag "62b22eb0-14e4a" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 85578
GET H/1.1	200 OK	functions.js Show response www.todayhotties.ru/bundle/657/assets/js/	967 B 1 KB	90ms 43ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/bundle/657/assets/js/functions.js Requested by Host: www.todayhotties.ru URL: http://www.todayhotties.ru/s/5af3ff4b5a866 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `35ab6c3ef21ada4c2d3b33a99ce0858020fab1b30bb5da04ed67db835144ef13` Request headers accept-language en-US,en;q=0.9 Referer http://www.todayhotties.ru/s/5af3ff4b5a866 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Thu, 12 Jan 2023 03:20:21 GMT Last-Modified Tue, 21 Jun 2022 20:48:47 GMT Server openresty/1.19.3.1 ETag "62b22eaf-3c7" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 967
GET H/1.1	200 OK	click.js Show response www.todayhotties.ru/js/	5 KB 5 KB	1028ms 991ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/js/click.js?8 Requested by Host: www.todayhotties.ru URL: http://www.todayhotties.ru/s/5af3ff4b5a866 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9` Request headers accept-language en-US,en;q=0.9 Referer http://www.todayhotties.ru/s/5af3ff4b5a866 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Thu, 12 Jan 2023 03:20:22 GMT Last-Modified Thu, 05 Jan 2023 12:44:44 GMT Server openresty/1.19.3.1 ETag "63b6c63c-148c" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 5260
GET H/1.1	206 Partial Content	neon03.mp4 www.todayhotties.ru/bundle/657/assets/images/	1 MB 1 MB	79ms 43ms	Media video/mp4	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/bundle/657/assets/images/neon03.mp4 Requested by Host: www.todayhotties.ru URL: http://www.todayhotties.ru/s/5af3ff4b5a866 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `f4f0c4644c1767cd0716243b6c627b3c4eb9fcad884ff16f1501fce584545179` Request headers Referer http://www.todayhotties.ru/s/5af3ff4b5a866 Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Range bytes=0- Response headers Date Thu, 12 Jan 2023 03:20:21 GMT Last-Modified Tue, 21 Jun 2022 20:48:47 GMT Server openresty/1.19.3.1 ETag "62b22eaf-138673" Content-Type video/mp4 Content-Range bytes 0-1279602/1279603 Connection keep-alive Content-Length 1279603
GET H/1.1	200 OK	fp2.min.js Show response www.todayhotties.ru/js/	30 KB 30 KB	286ms 285ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL http://www.todayhotties.ru/js/fp2.min.js Requested by Host: www.todayhotties.ru URL: http://www.todayhotties.ru/js/click.js?8 Protocol HTTP/1.1 Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e` Request headers accept-language en-US,en;q=0.9 Referer http://www.todayhotties.ru/s/5af3ff4b5a866 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Thu, 12 Jan 2023 03:20:22 GMT Last-Modified Thu, 05 Jan 2023 12:44:44 GMT Server openresty/1.19.3.1 ETag "63b6c63c-77dd" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 30685

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 13:10:45	Name: _bit Value: n0c3kg-84a073fed36776b30c-00p
			.todayhotties.ru/	1970-01-20 08:53:00	Name: s Value: P8fIqE7XdJyufu%2BPnva6yEq2amPGFvG%2FszT33xMf1i68DaIozeBwfJ75lY9ddhIxkGTb0lKlCk8K7%2Bse8nNp1yB%2BNvgRH6NV%2FTdQQjIa1ZpDf%2FaqTKjrhYhtLX4wbTt9b6v4UioyoA6vIh%2BP64pc2nzSuezdXPNxXZYT1UIOwl6JOYo8SKfgfFIMwFC%2BujMrTx9jnyxijYuTOnKns7Zb3o9Ije1mQT4EkkTE%2B9wAewpRfJO68Y01gktHIDP3%2BBz7NPPEcBp9Q9K780fsgpUgUQeZbkjpsxiWn%2FfUbjg%2FPJ5V90Y%2B8yuSemVH40002YlT3aq8CP3XHmeOQ0YalDwuzhDhPRBw7Y%2BIUrYC3InJNsKo%2Fn3tAQV8dn0r2nAYMGp0RKrknefb81RdcCR02cZoycUFupybPJerYbLiVeqBKbmwEEDjIGDPMZMPdynHPr09SOnfA7X7qWVNuyGc%2BWn8KNd5DSPBEeaSZO8OeTVB%2BD%2F7%2F9dMbLajnbffz0fFeIMRw%2F3YTEu0IjbQGaiZRJQsoWMB%2Balu2XZUJOcqQSKv%2FLApRZzqtk4KSK17otr1s3HuKUIG6YtFWABvNb4Td601DmkpjHxcslWG0FpPzOf2wRRTiuU7vAR4ZDIvlIAXVgkIjOHpsLUvGZJYOclNDt9AUMazFS6FJBZtNuGJhP40DiNl%2FMbErf%2BHD4YTcdAq9v9CK1F%2F44lkRmhLAkkYOk3qWx1m0KktcZZrCQJPoOFOqiZL400E09pnXKOMgKCb7BwI72WXJIMtXTHnfgvM0LLoCEQUshVT5GGnW5oBENi5UIzi4KyNt9oprB20pBxlp5EeY0bejLRKGHictPk1hBkWoevjLzIEqvuSUFencBc4BTjum0Agi4zbPq7SSIeOuo%2Bu7mmMBbKralVM2amA65eKOG8vPOfg%2FFsRgfmvZhHPmiv0bJAUfn7y4TwqJIWcXomHp3tqigcxras8zW8rYeWj30LNdEd4V09KyzvaFCnh4sQPezfJPjfIm4T8CDD5K%2FBVK6IsD%2FGZ70UJ8UzuSGU3kgZRnPlT%2FrjD094LcRohhKi1zwRd0%2BXCw6gsTxxqOSXBe8mR3UrdC7ptLWgdRlvq9c1AePDQTT3Pk0cKcuvVqAa0anbST5NmNiDRfYv7JOweaG3V8bQSeSdTPTgrbJP3uDA1xuY7YDL7LjgnaQTyllCY%2Bf4r1fDNDqFY4KwIB7Tadd%2FSYeQPxx8vrwyRkAeFh3Galx51tedXIt8sW6ijOnW2kH4%2FGLDO1tEQ%2F4tWPBSyM8LJiC0bQUj6dLMQO1Lf1N922GMflEq4rszV9vzH%2BmztZ%2BO%2FvuXZEhp8GLv8JMCy%2FeFyRr1D8FQ9kbG%2BYD803XwcUbyaCZp2fZkBhMerph7HIRQQSQgciTN5BLLpQeOGVqs%2Bb7Ty7TCgxJdVZ0IqRs27cOhkgrQTQ1lSD8SYnj%2BPSjg0kXnv63Cqgp3bTXzDUkU02vMHwKNgOU9v4fOOnHx%2FTWlZ4t8z9oFLh3quhw%2BEF5ib1ptLY7mSG%2F9YS79ynTDBSbDH9UEY%2FIMSKnz4zB5WUcw%2FUDZAhECojg0%2FCpUMx4w5GJkG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
klcsl.com
onlinedates.ru
www.todayhotties.ru
158.69.126.131
185.36.100.24
219.234.31.171
67.199.248.10
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1b5cba2f02c5d464192fe747c2fdd2619b5bed58f50041b56a2d41b1f30b7ee3
35ab6c3ef21ada4c2d3b33a99ce0858020fab1b30bb5da04ed67db835144ef13
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
f4f0c4644c1767cd0716243b6c627b3c4eb9fcad884ff16f1501fce584545179
f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9
f8df8a848e2a9b08e622f7e42e4ea81cc153d4548cf57037aa78c6e117699489

www.todayhotties.ru Open in urlscan Pro 158.69.126.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

2 IPs

4 Countries

1381 kBTransfer

1381 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Indicators

www.todayhotties.ru Open in urlscan Pro
158.69.126.131 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

4
Countries

1381 kB
Transfer

1381 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions