r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4506
Expires: Fri, 02 Dec 2022 02:58:45 GMT
Date: Fri, 02 Dec 2022 01:43:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4904
Cache-Control: max-age=122957
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:39 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:52:56 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1429
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2841
Expires: Fri, 02 Dec 2022 02:31:00 GMT
Date: Fri, 02 Dec 2022 01:43:39 GMT
Connection: keep-alive
en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
45.77.172.186301 Moved Permanently 449 B URL HTTP/1.1 en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
IP 45.77.172.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 81b86344e90d8d322dab8353036efd50
befcfa244bee748f35c94f45a65ef754fdad3fc2
86f19cb22656df46165dd8ad27285900b450fa09a030c8e7c53cb62839772116
GET /wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html HTTP/1.1
Host: en.quocduy.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-type: text/html
date: Fri, 02 Dec 2022 01:43:39 GMT
server: LiteSpeed
location: https://en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PU/q0j41GzbqH02guvkhs2pn+2yflcXAVRuBl26TRhvDlxH8GvzauewNxYSg1f8QOOlide3fh+Q=
x-amz-request-id: WC8RD08FXQQYBZNZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 00:45:52 GMT
age: 3467
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:43:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 01:08:57 GMT
cache-control: public,max-age=3600
age: 2083
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4911
Cache-Control: max-age=117900
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:40 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:28:40 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
45.77.172.186200 OK 104 B URL HTTP/2 en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
IP 45.77.172.186:0
File type HTML document, ASCII text
Hash d2b918a2973dbfb29b590cfc8adb437b
7089f7cbc0a88105188bfa15bda1f5e586df059e
b62cd2daf593ae7fb5853a7ce3d4da8d64e586a2c7f8e12bdfdfc71873ebdf8c
GET /wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html HTTP/1.1
Host: en.quocduy.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
etag: "68-6334d284-1a5e07a;;;"
last-modified: Wed, 28 Sep 2022 23:02:28 GMT
content-type: text/html
content-length: 104
accept-ranges: bytes
date: Fri, 02 Dec 2022 01:43:40 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
onlinedates.ru/?land=88579
185.36.100.24302 Found 0 B URL HTTP/1.1 onlinedates.ru/?land=88579
IP 185.36.100.24:0
ASN #62403 Disk Group Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /?land=88579 HTTP/1.1
Host: onlinedates.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 01:43:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.6.40
Location: http://www.todayhotties.ru/s/5af3ff4b5a866
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aI7Eyj6W1hUMWv1ApW3q+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +XI1Ue4qO6jKI3PFCayqUkBzHuU=
www.todayhotties.ru/s/5af3ff4b5a866
178.162.199.80200 OK 2.1 kB URL HTTP/1.1 www.todayhotties.ru/s/5af3ff4b5a866
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e69412ea58d90ba0ec01f0b1e37b68ea
04ef12a416e3cda1dd988123a1e23d3391af084b
59679965dfadb91951221a9564a5af875603e3a3618cc12403afb50eb61e24cb
Analyzer Verdict Alert fortinet Phishing
GET /s/5af3ff4b5a866 HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D; expires=Sat, 03-Dec-2022 01:43:40 GMT; Max-Age=86400; path=/; domain=todayhotties.ru
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=todayhotties.ru
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=todayhotties.ru
Content-Encoding: gzip
www.todayhotties.ru/bundle/99/assets/css/style.css
178.162.199.80200 OK 7.0 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/css/style.css
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash b3ecc6757acf981d9322b73641c499a3
6286e783e32be4d52e41dea61be4c797ec5ab080
90fc07998a264927400bf8eebecd05931a053d0cb685da738fd915de3af1a678
GET /bundle/99/assets/css/style.css HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: text/css
Content-Length: 7048
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
Vary: Accept-Encoding
ETag: "5c10d7b4-1b88"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/js/js.js
178.162.199.80200 OK 393 B URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/js/js.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash e520d23e169f8ace2c4c6b200c530ce7
d65be6b21336d62e7916944f8033e679f4c42f3b
0e40d7d43535e8bf89b6b8b2add40e6267084a18716bede259acf12a92c10c3d
Analyzer Verdict Alert fortinet Phishing
GET /bundle/99/assets/js/js.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: application/javascript
Content-Length: 393
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
Vary: Accept-Encoding
ETag: "5c10d7b4-189"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/js/main.js
178.162.199.80200 OK 118 B URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/js/main.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash bb2ea8b17782bc25f136586cf9bfbc1a
74a74649e82d684f2d9c4fa5b03214ea512c3934
ba8b334c9a57119ba9643a6034378cc5541dce29d18f7ee9b8de5046798cd4ec
Analyzer Verdict Alert fortinet Phishing
GET /bundle/99/assets/js/main.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: application/javascript
Content-Length: 118
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
Vary: Accept-Encoding
ETag: "5c10d7b4-76"
Accept-Ranges: bytes
www.todayhotties.ru/js/click.js?8
178.162.199.80200 OK 5.3 kB URL HTTP/1.1 www.todayhotties.ru/js/click.js?8
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 8207d083c909c6386927c5197eff584c
a5f1148a0e9923191d3f8ed4c1750240374af2a9
f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9
Analyzer Verdict Alert fortinet Phishing
GET /js/click.js?8 HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: application/javascript
Content-Length: 5260
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 12:43:08 GMT
Vary: Accept-Encoding
ETag: "63762c5c-148c"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/js/functions.js
178.162.199.80200 OK 485 B URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/js/functions.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash df9a59adb461ca2cefdcc45bb121e5e9
89ae837e40d62610dca65e354efa1857083ef4eb
44fcd38991b7633adaf956c7de651489994439b65551b9f30118a46a3bc5fa8a
Analyzer Verdict Alert fortinet Phishing
GET /bundle/99/assets/js/functions.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: application/javascript
Content-Length: 485
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
Vary: Accept-Encoding
ETag: "5c10d7b4-1e5"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.todayhotties.ru/bundle/99/assets/js/jquery.js
178.162.199.80200 OK 86 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/js/jquery.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer Verdict Alert fortinet Phishing
GET /bundle/99/assets/js/jquery.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
Vary: Accept-Encoding
ETag: "5c10d7b4-14e4a"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/logo.png
178.162.199.80200 OK 7.2 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/logo.png
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type PNG image data, 213 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 6fceda5eccc25a76afaf80e8ce4717af
f93bf4fd992fc40ff6912e0c15843016645ea9db
8bcb893c36ba6d166cc8308e3779d0786b981562e6d11edb4956999f5fa10655
GET /bundle/99/assets/img/logo.png HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/png
Content-Length: 7244
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1c4c"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
142.250.74.106200 OK 3.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
IP 142.250.74.106:0
Hash a9c8703f4cb460335ecf7735895f6934
1a988eec3c20d1ef86d1b688dbd372eea3c5eb6f
ff3285ecf5e766cf3fd7935dfab316cd693f5665d24d0e9abc6d264f0c80f9e8
GET /css?family=Montserrat&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.todayhotties.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 01:43:41 GMT
date: Fri, 02 Dec 2022 01:43:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.todayhotties.ru/bundle/99/assets/img/1.jpg
178.162.199.80200 OK 108 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/1.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1210, components 3\012- data
Size 108 kB (107698 bytes)
Hash d2122a5f932200068cf52f0e5a46e8e6
f6d52e1a1ddf8b09532534b62a822ca68b19d9ed
73b84844ad0b120aa272cd1efcc6f7818cfbd49a48c76a8d7b7980cfc158eae5
GET /bundle/99/assets/img/1.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 107698
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1a4b2"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.todayhotties.ru/bundle/99/assets/img/5.jpg
178.162.199.80200 OK 114 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/5.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1350, components 3\012- data
Size 114 kB (113885 bytes)
Hash 7a2f97ccd82fd655373e0a465081757c
d791b86283da1bf2978d0efa22a92c3bc945b1d0
a8e2ac3405128fd4e515f76c2f58a0b87f634e9b22d6483bdee50bfff31d0031
GET /bundle/99/assets/img/5.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 113885
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1bcdd"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/7.jpg
178.162.199.80200 OK 143 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/7.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1350, components 3\012- data
Size 143 kB (142884 bytes)
Hash d6810bfbc02761f16ea5d332703366b7
3b2b7d1cbe6f8b008115e14c4dcc94b9775347ee
9e0fd0b2c455aad2df6bbe296c78b61540d8a3a36371e0c7319a8db981bbebb6
GET /bundle/99/assets/img/7.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 142884
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-22e24"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/8.jpg
178.162.199.80200 OK 122 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/8.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1350, components 3\012- data
Size 122 kB (121910 bytes)
Hash ce2b7b91688963dca23ddb46ad93738f
d67d10192bd80493cffe21b47f5ac193bbea42c0
ac52a81fb8e5e2532891d7e02eac03381ca164d572f8056b5210a6a6603ec2c1
GET /bundle/99/assets/img/8.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 121910
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1dc36"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/6.jpg
178.162.199.80200 OK 145 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/6.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1350, components 3\012- data
Size 145 kB (145230 bytes)
Hash 61c5f8bdab9763108b6e251d92c1a478
b93636b8e0eb3da0a27b1cf37553d7a28bb7639b
fe25a1c25076abe3711abe89e8bc774b8a90ea092a21c36b09979f92e24b20f6
GET /bundle/99/assets/img/6.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 145230
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-2374e"
Accept-Ranges: bytes
www.todayhotties.ru/js/fp2.min.js
178.162.199.80200 OK 31 kB URL HTTP/1.1 www.todayhotties.ru/js/fp2.min.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (30507)
Hash e7d6b85edb141824af8951e19333337c
76600b2cb1978ca24d9fe39b1412f052da855ddb
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
Analyzer Verdict Alert fortinet Phishing
GET /js/fp2.min.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D; CF=UpfLfS+UKbbfGPDWQETTZg__
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: application/javascript
Content-Length: 30685
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 12:43:08 GMT
Vary: Accept-Encoding
ETag: "63762c5c-77dd"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/2.jpg
178.162.199.80200 OK 92 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/2.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 961x1201, components 3\012- data
Hash d58d6cee7c3ab420c6ea15941947e713
76238c2dbc8bf05d5f1b19e77b98cc217ccfcd5f
517d19c3b97968af48e26babbb10e43044af2469600dfd4f57dc21dbe8fcc32f
GET /bundle/99/assets/img/2.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 91948
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1672c"
Accept-Ranges: bytes
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.todayhotties.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 14:42:14 GMT
expires: Sun, 26 Nov 2023 14:42:14 GMT
cache-control: public, max-age=31536000
age: 471687
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.todayhotties.ru/bundle/99/assets/img/9.jpg
178.162.199.80200 OK 111 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/9.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x830, components 3\012- data
Size 111 kB (111302 bytes)
Hash 43ad6af0f65845ea035fac70f664084d
657187afa709d6c249f4637dd2a35cafcd6a81b8
9ea334551779a0f7116724e0bc9ec0584cc8fa59c1283606efe43f4d873b60d0
GET /bundle/99/assets/img/9.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 111302
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1b2c6"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/4.jpg
178.162.199.80200 OK 125 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/4.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x830, components 3\012- data
Size 125 kB (124662 bytes)
Hash e148ac844eecd8fcd8cbee5ea1f985b5
7ef19d28c4179fff8017c958b2167c1156d04668
8a3c17fc964a085ce022701a6887d44977467a042e8837a9d5a258a37fa5d72b
GET /bundle/99/assets/img/4.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 124662
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1e6f6"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/10.jpg
178.162.199.80200 OK 83 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/10.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1349, components 3\012- data
Hash 72b3f66cb85cc73df4faa56e720ae6f6
dce5576492f551c219e2c34627979091103ba7f0
4d5f8482d4048742b3883f8f0dadfef946fda6f3ac156f26f682946d40fcdbbd
GET /bundle/99/assets/img/10.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 82972
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-1441c"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/99/assets/img/3.jpg
178.162.199.80200 OK 248 kB URL HTTP/1.1 www.todayhotties.ru/bundle/99/assets/img/3.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1349, components 3\012- data
Size 248 kB (248519 bytes)
Hash aaea57899f3f041abdc6dd8db79282bb
d3eea50c36cf980b583b9849866291f2113b69ea
c1e34e9470f9d8e1493e0932391066756694ab54e352b432e5a6e53e3d0de31e
GET /bundle/99/assets/img/3.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: image/jpeg
Content-Length: 248519
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2018 09:41:08 GMT
ETag: "5c10d7b4-3cac7"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 431415b5bd0fc3f22a22f5aec5141e95
1469cdc016c7e4f6c0f83ccd41f943550db62534
fff988e69a02c859f0775e0f46623b2a9ee9e4cc1416a0bc2feafd3ddfbcc409
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FFF988E69A02C859F0775E0F46623B2A9EE9E4CC1416A0BC2FEAFD3DDFBCC409"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Fri, 02 Dec 2022 07:43:33 GMT
Date: Fri, 02 Dec 2022 01:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 787a063eda31151ead362c763fb62d6f
ce1dce334ecea1cdbec0f84facd210fc1a589a3a
510c2a5e0964d5cb5c3b787153ebfc2c074ac998711821fd383aa5863ba12a0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "510C2A5E0964D5CB5C3B787153EBFC2C074AC998711821FD383AA5863BA12A0B"
Last-Modified: Thu, 01 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 07:43:41 GMT
Date: Fri, 02 Dec 2022 01:43:41 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
topxlovers.com/assets/bf53a345e31e9f2c6534eac981237ec6/images/1.gif
37.48.65.151404 Not Found 9 B URL HTTP/2 topxlovers.com/assets/bf53a345e31e9f2c6534eac981237ec6/images/1.gif
IP 37.48.65.151:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /assets/bf53a345e31e9f2c6534eac981237ec6/images/1.gif HTTP/1.1
Host: topxlovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.todayhotties.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Fri, 02 Dec 2022 01:43:40 GMT
server: Cowboy
set-cookie: sid=bfd86794-71e2-11ed-bbd6-63863ef26e9a; path=/; domain=.topxlovers.com; expires=Wed, 20 Dec 2090 04:57:48 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
topxlovers.com/assets/bf53a345e31e9f2c6534eac981237ec6/images/2.gif
37.48.65.151404 Not Found 9 B URL HTTP/2 topxlovers.com/assets/bf53a345e31e9f2c6534eac981237ec6/images/2.gif
IP 37.48.65.151:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /assets/bf53a345e31e9f2c6534eac981237ec6/images/2.gif HTTP/1.1
Host: topxlovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.todayhotties.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Fri, 02 Dec 2022 01:43:40 GMT
server: Cowboy
set-cookie: sid=bfd868b6-71e2-11ed-bb15-6386d57434b8; path=/; domain=.topxlovers.com; expires=Wed, 20 Dec 2090 04:57:48 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
www.todayhotties.ru/favicon.ico
178.162.199.80200 OK 7 B URL HTTP/1.1 www.todayhotties.ru/favicon.ico
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash 88183b946cc5f0e8c96b2e66e1c74a7e
bc7819b34ff87570745fbe461e36a16f80e562ce
b764cdc0eab7137467211272fa539f1260d1bf2e71bcf6ff3bdc960f5c16aa14
GET /favicon.ico HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=H5E7Hrb4UFTgUMBDkaQkLaM8xVL1VobMEpeZ3xoaXh0m40T2oUvz1HXQZ9VAw7%2FyIPZSW8Y7yQNshHE%2FABJnNiB%2BNvinGqNb%2FRS4b4bIBd6yRiRRbnvqLpIR2MUUneeAe7anZlutDnEavyArOsrW1NMUrVZXve4mJy4M%2FRcLdCPdHC7pjBOTFaPMJRUuE9zI4var%2F9UO0DM1SHEru0hmFfaK51Cp0LxsMzxHTSb0eFaLNa5zHJpQOpZ8YR5mKBLfuNT%2BFoXRAS2AM%2FQ2rUsxd%2ByGptKeaxjXqSTT92y%2Bc3iMruT9f9%2F%2FTN5wnpC0o1oRywIvyYfeSRazIalROisZuPcvCyJGz7wpNQEXV%2Fj2HAL6JMqs6IIAn5HICERcCdWt9%2F3uqV0mdt5Ra3ieR9V4Anx67w2ZkuEX5UTaXiqUe5PvhUpHz0X6tid82htV75oSYVUA3kL%2F6%2FYmOMtAyJkV3ldlBCWW8zhaOJNt4BMhFzucqF71tZ%2Fm9WjiH647nbE4oJZ%2FrFK3B1jc%2FbTRbNi355xEJzK5LEURhJr7pi8JdDIK4fvjVFpZECykPVF%2F0Wd%2FQudD6L1e0ngXpETkkiMsCxtRWcT1%2FlK1Qe4LGHvVpVCbOtgEwRp77F0RbVL9Bl8VSXmqlMPJfVlx13n4cJLNYNaNNzFNtVttvRvisN%2FUn4fNUTw1OKLYB4hSjAcTSMPl4qZan9IAi0YOjR3GcFgQZf3NKV7bpsohs2UfZ6Y%2B%2Bi%2By%2FkDL5ox29vgkd5inTAlGtalmx%2BCyVKJj2uSVmPoe3ZFmLNSErNeSOEp%2FwvpKfit0cHFJZJa3YXiFYvBB1DFGCZH8QSBZKxyre7iINyeQUkbZ%2FNCNbQC6%2BSHh9FlmzYMWCsGHBIOjG1KqTgzj%2FgbCGrINv3UgNIm1kvZquCBOMd9MZWrug1pkulJssFfV%2Fl%2Bfij5v%2FCN%2BIkMUHRhkK%2FKyG4AqkgOFmtKDiimSkQZLIl%2BAtbXqjnkUHP5r4LDs9RcAvpJiRZUjxXC9UGyrrgL3n0rJiYpE%2FnUneScJYK7Wp0i5WQ%2F4fq%2FXrOOtS3zm3lERitpISV8Y1frJyfY8ayEce0KiR25U5eUmwm4XwEttgsy4MzR9XXY%2FX27h%2B%2FUpRXDzEjrWDoaQXtxUsWvo%2F%2BiPmBWf0beh9xNnIfpJSjJCq03%2Bk%2FxxgPvmUr0g6J0dsahGMoZ8Yn9af0zvV6lxhqq8ZHrAdKfK6%2BNKQwG9t8uJCQgkOhr0ajl5KhE7g2P69KORUsLqKWEVOI1s8%2Fv6Y%2BVlj0IpsboaS806UaKTZK5fYkkf5LYHCTlwXMTi%2BTjkYLx6sh%2FFijAVsOCVANdVEmeaf8hGExpAg9KqmjpOM7Zf6gtEazzAId%2BMzBZNB%2Bm8HHEf%2B2rHGXQgzbyYC6sLFhM4ZhnnULnkGXWZ3kaH3Jgww0ThVtFZAm355vroaDIrb1ifMzGGlvE3%2FQm9w9V9S%2FVmIG64iEW1Mqri3BZuqEbuDxiGSIdmujQCfT7vXCntmj4PPEomDWKBJN2rNaORTXsPTi2RkxUggTZatwyQSDdKGBT2OAgseIoHHmw%2FEN6vPIi%2FGA4%3D; CF=UpfLfS+UKbbfGPDWQETTZg__
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:41 GMT
Content-Type: text/html
Content-Length: 7
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:08:01 GMT
ETag: "63889921-7"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18933
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 01:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18933
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 01:43:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 66479
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14145
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 14934
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 14013
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14145
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 66260
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2