200 OK 4.3 kB URL User Request GET HTTP/1.1 IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (507), with CRLF line terminators
Hash 5e4d9554c544f46c7b69328e3ed707e9
86ab363967fe964ca041502d9c0b752b55b20bf2
5ff8858a056242abd094ba2960604c5482e76ad3f4deabf18bb0d6a7a951cb0e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:43 GMT
Content-Type: text/html
Last-Modified: Mon, 17 Oct 2022 11:26:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"634d3be4-2932"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
471 B IP
Hash 7131c5cb4a2244dd5c131accaa112313
233a99920c9e52efc38895a777abe16933b73952
fd035dad033a9f1d60b2644c7706bbf55daed809a6ed7eabcc5c8d166a4dbdcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash da0bb922939fdb61a841c9c196c4df0f
9aab2b0ce4581d86e82988cab48ded50978c10f8
ff21dc0286eedf85f3887a830a287cb1598e19763714f157f848cf6c5b932923
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-7JEJQW3TTQ
200 OK 80 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-7JEJQW3TTQ
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (3288)
Hash f69727273312e80157953bb4fc513634
6a87e44dcde3b0c8320929fc47d8a95618604fb1
36d64c8e27715bd2881139f73a65153f4e16b0c65a1925260ed28bf07e80995e
GET /gtag/js?id=G-7JEJQW3TTQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 15 May 2023 06:21:44 GMT
expires: Mon, 15 May 2023 06:21:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 7131c5cb4a2244dd5c131accaa112313
233a99920c9e52efc38895a777abe16933b73952
fd035dad033a9f1d60b2644c7706bbf55daed809a6ed7eabcc5c8d166a4dbdcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash da0bb922939fdb61a841c9c196c4df0f
9aab2b0ce4581d86e82988cab48ded50978c10f8
ff21dc0286eedf85f3887a830a287cb1598e19763714f157f848cf6c5b932923
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s1.pstatp.com/cdn/expire-1-M/font-awesome/4.6.0/css/font-awesome.min.css
200 OK 6.6 kB URL GET HTTP/1.1 s1.pstatp.com/cdn/expire-1-M/font-awesome/4.6.0/css/font-awesome.min.css
IP
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert, Inc.
Subject*.pstatp.com
Fingerprint9F:CF:75:C3:71:C2:BB:D5:07:05:09:77:E4:1E:8B:BF:EB:BB:AF:C7
ValidityFri, 29 Jul 2022 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (28596)
Hash 963f38577cc1586d78e83a4acdf39723
2623a8aeef66ed5f4cbc2f3e59856e4ae9f32a80
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
GET /cdn/expire-1-M/font-awesome/4.6.0/css/font-awesome.min.css HTTP/1.1
Host: s1.pstatp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 Jun 2023 09:39:15 GMT
Server: nginx
Last-Modified: Sat, 22 Jan 2022 22:34:23 GMT
ETag: W/"61ec866f-7057"
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-tt-trace-host: 011edc5a70b6b92e22b8ea20835f19b099f28c14f758f8767aba295eee64817c4fe39f86df5ff4d26279da0b0f423119b125b7eada9f6f7bede516a4a70737227697fc5c61524fcbffccb8e0119f15462e16347bd3486a8fac1ce6c5df057c4ecbda8c5f2c4f1ff04003bb0c6bf812ed69
X-Cache-new: HIT
Age: 1
X-Via: 1.1 PSzjnbsxjm101:4 (Cdn Cache Server V2.0), 1.1 PS-000-010U9202:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:7 (Cdn Cache Server V2.0)
x-response-cache: edge_hit
server-timing: cdn-cache;desc=hit,edge;dur=0
x-tt-trace-tag: id=01;cdn-cache=hit;type=static
X-Ws-Request-Id: 6461cf78_PShlamstdAMS1vj92_29794-8419
Ws-S2h-Acc-Level: 1
Timing-Allow-Origin: *
X-Response-Cinfo: 91.90.42.154
hotlive38.net/js/md5.js
200 OK 3.4 kB IP
Hash e41e6940888f4bfd468e70a22d1b0b03
2b239b97303f439a429017781d584b399d8189f9
e63fc7893bbf52a881cf3af4d5ed1ac4733427b4bf24aee86b19d97634c74006
Analyzer Verdict Alert fortinet Phishing
GET /js/md5.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 15:43:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622a1c84-2d26"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/jquery.min.js
200 OK 34 kB URL GET HTTP/1.1 hotlive38.net/js/jquery.min.js
IP
File type ASCII text, with very long lines (32019)
Hash 6cbb321051a268424103cd4aea8ffa66
7cb05e3d551cd61439337b2cb22f49b1955f9711
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 May 2021 11:13:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"609520c0-14e7e"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/newmain.js
200 OK 2.2 kB URL GET HTTP/1.1 hotlive38.net/js/newmain.js
IP
File type ASCII text, with CRLF, LF line terminators
Hash 98308130bad3c6c1dd48f767866a856c
77daf44eced587ea9cb1c781bb7e4e9cca81db23
d67d2cee2e9a4d16f5b928164bb7470ce2b51f35865cd42ffc2213012cf0af71
Analyzer Verdict Alert fortinet Phishing
GET /js/newmain.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 27 Oct 2022 11:57:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635a721b-16ea"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/crypto-js.min.js
200 OK 23 kB URL GET HTTP/1.1 hotlive38.net/js/crypto-js.min.js
IP
File type ASCII text, with CRLF line terminators
Hash 1bdaf4ec83eb86fda215202fad4f53ec
12deed7327c4e251875f7bb420a2ff5450909035
37dea0d41f112010a49f472f89910bee43c9ef6691a24e99ab9f252bd1b60f2d
Analyzer Verdict Alert fortinet Phishing
GET /js/crypto-js.min.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 15:42:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622a1c76-11c44"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/clipboard.js
200 OK 6.3 kB URL GET HTTP/1.1 hotlive38.net/js/clipboard.js
IP
File type Unicode text, UTF-8 text, with very long lines (849)
Hash faf3899bbeb86222023e38e391d9dd7b
96a6f9c6c081194a8efd6fb7859ade479a7827e0
3912af75d464826d0cd391517bffa7b1059e6081e97d73b188ecf36e13c4bd2d
Analyzer Verdict Alert fortinet Phishing
GET /js/clipboard.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 15:44:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622a1cce-6191"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/kf/dist/lib/modernizr.touch.js
200 OK 1.4 kB URL GET HTTP/1.1 hotlive38.net/kf/dist/lib/modernizr.touch.js
IP
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash 0db364c88b73ab7753eb382cf9f14bcb
151b196134308a1c13718849c372e6b0544a7536
c4f3953e572d63c9497fde2a4ec1bc2a5c16ca44d99c007a9d95e3b1533f3972
Analyzer Verdict Alert fortinet Phishing
GET /kf/dist/lib/modernizr.touch.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 03 Apr 2022 16:00:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6249c4a4-bb9"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/mobile-detect.js
200 OK 25 kB URL GET HTTP/1.1 hotlive38.net/js/mobile-detect.js
IP
File type ASCII text, with very long lines (5442)
Hash b251f1ce17e8c1ff9e4d789491ce4d09
cb6ef599821039af443f09ffe2716995fb6359e8
721be7bfa8a886bff0050dae7b71f892991d3fad6b2d19a2986ba776b6b41fa3
Analyzer Verdict Alert fortinet Phishing
GET /js/mobile-detect.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 15:43:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622a1caa-10ef1"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/axios.js
200 OK 13 kB URL GET HTTP/1.1 hotlive38.net/js/axios.js
IP
Hash 73fcc4182a225c2dcb1d8dde1538535f
9e4b16aede9e9e593cd4d8f7e15a17bec8fac22f
6ddf1720acebb722753b94a1dd7a771a2b8c233582e3665e92facc303e06c518
Analyzer Verdict Alert fortinet Phishing
GET /js/axios.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 15:43:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622a1c9a-b47d"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/kf/css/index.css
200 OK 2.1 kB URL GET HTTP/1.1 hotlive38.net/kf/css/index.css
IP
File type ASCII text, with CRLF, LF line terminators
Hash 2218dbbcd26d86344680c3ee1895e99b
ae033d525a3472c2d1604907ff8d6918768b145a
02da7104df5ba5a946e74b0387601d10300f62bf694282f4b9ed2be97d82ce6b
GET /kf/css/index.css HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: text/css
Last-Modified: Sun, 03 Apr 2022 17:41:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6249dc4e-1d55"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/kf/dist/mfb.css
200 OK 5.2 kB URL GET HTTP/1.1 hotlive38.net/kf/dist/mfb.css
IP
File type ASCII text, with very long lines (318), with CRLF line terminators
Hash 2b94b21e611f34faf242a3dcb78179eb
6e254f863fa2c1244ce898b8ad9f65b3f272df19
17305bb7e8dacf03f9f2e7fb3ce18f4006086c7a98af0e15694bbea5cd5299ba
GET /kf/dist/mfb.css HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: text/css
Last-Modified: Mon, 04 Apr 2022 00:55:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"624a41fc-8aa7"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/m.css
200 OK 1.8 kB IP
Hash cbd82b2bc52385c3a4fc19755856278d
cbafcaafb890659eb52bd3332c236fcd39d19696
e6e9ae5b51ecf415f565c5e46fde410295ec92377f7ca7d2e21fff81c37735dc
GET /js/m.css HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: text/css
Last-Modified: Mon, 04 Apr 2022 07:18:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"624a9bd7-151a"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/jquery-1.11.1.min.js
200 OK 45 kB URL GET HTTP/1.1 hotlive38.net/js/jquery-1.11.1.min.js
IP
File type ASCII text, with CRLF line terminators
Hash 782a8d630964803e237e28e2dedce177
fed0284a9c15c86605bb54892859033ddfd08ba7
5c5ad58eccfd84db4cfda3c50bf1324be977042fd9c442fc205757d2df3ba5a4
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.11.1.min.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 13 Jun 2021 21:31:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c6792a-202ea"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/kf/dist/mfb.js
200 OK 1.1 kB URL GET HTTP/1.1 hotlive38.net/kf/dist/mfb.js
IP
Hash 98f2dbd642c14395d70b8946ce044a52
94137554c5e53f0295c7d8d9d582462622b724d5
7f72356b350eb15ff0eb78e0d618369a2f06e05a6efc6c8652ef4c89d03a0ffc
Analyzer Verdict Alert fortinet Phishing
GET /kf/dist/mfb.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 03 Apr 2022 15:23:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6249bbea-9fd"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive38.net/js/st.min.js
200 OK 5.7 kB URL GET HTTP/1.1 hotlive38.net/js/st.min.js
IP
File type ASCII text, with CRLF, LF line terminators
Hash a2e4746cbf699c3c2ef49f48c838b2a4
db9c884bca953540f515d9f8571258dc70f090e6
6d60358d7c31a3022566eb4660dcf7bd4763d42945f35a8b85ef9c127d791fa4
Analyzer Verdict Alert fortinet Phishing
GET /js/st.min.js HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 13 Jun 2021 21:29:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c678cc-4a85"
Expires: Mon, 15 May 2023 18:21:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
471 B IP
Hash f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
200 OK 10 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hotlive38.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 May 2023 17:49:08 GMT
expires: Sun, 12 May 2024 17:49:08 GMT
cache-control: public, max-age=31536000
age: 131557
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUhiZTaR.woff2
200 OK 8.3 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUhiZTaR.woff2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 8256, version 1.0\012- data
Hash 032cf1bd311fde80a6c2673e052e1481
ab82d41182e675be2e9f334049bab763fcc15fc5
38d66966b4ae872dd57fb58a92e8f4d8d9cb99e6f78afab832140585c424fee3
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUhiZTaR.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hotlive38.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 08 May 2023 22:05:59 GMT
expires: Tue, 07 May 2024 22:05:59 GMT
cache-control: public, max-age=31536000
age: 548146
last-modified: Mon, 18 Jul 2022 19:26:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hotlive38.net/imgs/icons8-get-help.svg
200 OK 1.5 kB URL GET HTTP/1.1 hotlive38.net/imgs/icons8-get-help.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1544), with no line terminators
Hash 8557a1d1f39016a56402af80bba186a3
2d791f1626210c22fc84b3d4995e9135e6774511
ec254615c4ad7609d1a55492937efa3fbaeb891345c0f08de8e1b5508fb7963b
Analyzer Verdict Alert fortinet Phishing
GET /imgs/icons8-get-help.svg HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/svg+xml
Content-Length: 1544
Last-Modified: Sun, 03 Apr 2022 16:59:21 GMT
Connection: keep-alive
ETag: "6249d269-608"
Accept-Ranges: bytes
hotlive38.net/imgs/icons8-telegram-app.svg
200 OK 826 B URL GET HTTP/1.1 hotlive38.net/imgs/icons8-telegram-app.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (826), with no line terminators
Hash 919a6e225ffc16e8543738b5e4bd3694
0f9676ee74d73026df08e0049cebab172661dbd0
542ae3394a30f1d26fbbed6fcd567ebe01d3f23827fa915b93625af0aa8d3c36
Analyzer Verdict Alert fortinet Phishing
GET /imgs/icons8-telegram-app.svg HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/svg+xml
Content-Length: 826
Last-Modified: Sun, 03 Apr 2022 16:59:21 GMT
Connection: keep-alive
ETag: "6249d269-33a"
Accept-Ranges: bytes
hotlive38.net/imgs/icons8-zalo.svg
200 OK 1.5 kB URL GET HTTP/1.1 hotlive38.net/imgs/icons8-zalo.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1463), with no line terminators
Hash 19c25b1f48ae118533fca2a65d160e5b
cdb3878f1c1fa05bc69c8601c63ae586d2b069ef
8b5a965771a8286169e9ee37f6b397273f4acca17d36476ea06b6e6db743c721
Analyzer Verdict Alert fortinet Phishing
GET /imgs/icons8-zalo.svg HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/svg+xml
Content-Length: 1463
Last-Modified: Sun, 03 Apr 2022 16:59:22 GMT
Connection: keep-alive
ETag: "6249d26a-5b7"
Accept-Ranges: bytes
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUliZTaR.woff2
200 OK 2.8 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUliZTaR.woff2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 2828, version 1.0\012- data
Hash d38e82aa9eefb509b040062c069c2404
a1e6057b5d9d302c51d324bddd1a8e23fd0d9554
6a19bea0f19e03daf159a4264c6c50639e9d9a2a2eb3b41ad01a4b5f3a171c4a
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUliZTaR.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hotlive38.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 2828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 04:50:38 GMT
expires: Fri, 10 May 2024 04:50:38 GMT
cache-control: public, max-age=31536000
age: 351067
last-modified: Mon, 18 Jul 2022 19:46:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hotlive38.net/imgs/icons8-facebook-messenger.svg
200 OK 2.4 kB URL GET HTTP/1.1 hotlive38.net/imgs/icons8-facebook-messenger.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2438), with no line terminators
Hash d71cc5661199ea8b4a58473765550853
cc0db757696842192ea70710e78b4f9996973ac6
c692dc56f0e6094bb4cc150b0462adebf4beb4241657beb3af07c9b2373d7169
Analyzer Verdict Alert fortinet Phishing
GET /imgs/icons8-facebook-messenger.svg HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/svg+xml
Content-Length: 2438
Last-Modified: Sun, 03 Apr 2022 16:59:20 GMT
Connection: keep-alive
ETag: "6249d268-986"
Accept-Ranges: bytes
hotlive38.net/imgs/icons8-chat-64.png
200 OK 3.2 kB URL GET HTTP/1.1 hotlive38.net/imgs/icons8-chat-64.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 098f98c68956aee80ee2c446fb33af6a
a90cfc691c56d1fa251b38a320c7eddbaea06192
a02c3066676051b590e710c23d26b969628c1311d7986d767a33c6f0e4cf040a
GET /imgs/icons8-chat-64.png HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/png
Content-Length: 3216
Last-Modified: Sun, 03 Apr 2022 16:59:20 GMT
Connection: keep-alive
ETag: "6249d268-c90"
Expires: Wed, 14 Jun 2023 06:21:45 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
471 B IP
Hash f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 06:21:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
471 B IP
Hash 6d901fd352ab49daa6dff56bac4fd29e
d7509e526d5aa3c103c8fed009c4165b2899c7c3
c1b2014fb10e6bc0f3cd811616c66764c5dedecf413029f1a76d8bea999b0283
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 14 May 2023 00:05:49 GMT
Expires: Sun, 21 May 2023 00:05:48 GMT
Etag: "d7509e526d5aa3c103c8fed009c4165b2899c7c3"
Cache-Control: max-age=496265,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c7948576ea1b50b-OSL
api64.ipify.org/
200 OK 12 B IP
Certificate IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api64.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://hotlive38.net
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: http://hotlive38.net
content-type: text/plain
date: Mon, 15 May 2023 06:21:45 GMT
vary: Origin
content-length: 12
X-Firefox-Spdy: h2
hotlive38.net/favicon.ico
200 OK 17 kB URL GET HTTP/1.1 hotlive38.net/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash c878a11442544095a6f1c35b79dda925
7590a1a43c94ba8a0fa869106490a084e5642317
3c40e710dccae5e0cd2ebba7f9bec6470767e6e09540cdfa713e730cf3703751
GET /favicon.ico HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Cookie: _ga_7JEJQW3TTQ=GS1.1.1684131704.1.0.1684131704.0.0.0; _ga=GA1.1.2028972922.1684131704
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/x-icon
Content-Length: 16958
Last-Modified: Mon, 17 Oct 2022 11:26:17 GMT
Connection: keep-alive
ETag: "634d3bd9-423e"
Accept-Ranges: bytes
hotlive38.net/js/bg.JPG
200 OK 314 kB IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:04:04 14:52:58], progressive, precision 8, 680x1232, components 3\012- data
Size 314 kB (313572 bytes)
Hash a1777df591599b0ce8417994b315c087
48b89f1dbe716bc7c904b11955b9bf04145708fa
c80b3b0726494ee29515221e8f2bf781e2b12d61b9e61322c232a7f029ba85fa
Analyzer Verdict Alert fortinet Phishing
GET /js/bg.JPG HTTP/1.1
Host: hotlive38.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/js/m.css
Cookie: _ga_7JEJQW3TTQ=GS1.1.1684131704.1.0.1684131704.0.0.0; _ga=GA1.1.2028972922.1684131704
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 May 2023 06:21:45 GMT
Content-Type: image/jpeg
Content-Length: 313572
Last-Modified: Mon, 04 Apr 2022 07:18:21 GMT
Connection: keep-alive
ETag: "624a9bbd-4c8e4"
Accept-Ranges: bytes
fonts.googleapis.com/css2?family=Comfortaa&family=Cormorant+Garamond:ital,wght@0,500;1,400&family=Great+Vibes&family=Inter:wght@500&family=Itim&family=K2D&family=Kanit:wght@200&family=Mitr:wght@300&family=Noticia+Text:ital@1&family=Noto+Sans+Thai:wght@200;300;400&family=Nunito:wght@300&family=Oswald:wght@300&family=Pattaya&family=Playfair+Display+SC&family=Prompt:ital,wght@0,300;1,200&family=Roboto:wght@300;400&family=Source+Sans+Pro&family=Sriracha&display=swap
200 OK 39 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Comfortaa&family=Cormorant+Garamond:ital,wght@0,500;1,400&family=Great+Vibes&family=Inter:wght@500&family=Itim&family=K2D&family=Kanit:wght@200&family=Mitr:wght@300&family=Noticia+Text:ital@1&family=Noto+Sans+Thai:wght@200;300;400&family=Nunito:wght@300&family=Oswald:wght@300&family=Pattaya&family=Playfair+Display+SC&family=Prompt:ital,wght@0,300;1,200&family=Roboto:wght@300;400&family=Source+Sans+Pro&family=Sriracha&display=swap
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
Hash 94492e2e9e327666a0552f7944716601
2ec4deb79a7b2eb79a6b51a4e9cd958f210a0bb3
75248ee69ee9b393b54fd18b5793d1e3ce63128d4c2e8c19a84f99580f67cff5
GET /css2?family=Comfortaa&family=Cormorant+Garamond:ital,wght@0,500;1,400&family=Great+Vibes&family=Inter:wght@500&family=Itim&family=K2D&family=Kanit:wght@200&family=Mitr:wght@300&family=Noticia+Text:ital@1&family=Noto+Sans+Thai:wght@200;300;400&family=Nunito:wght@300&family=Oswald:wght@300&family=Pattaya&family=Playfair+Display+SC&family=Prompt:ital,wght@0,300;1,200&family=Roboto:wght@300;400&family=Source+Sans+Pro&family=Sriracha&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 15 May 2023 06:21:44 GMT
date: Mon, 15 May 2023 06:21:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
myhotlive.vip/js/zidongshibie.js
0 B URL GET myhotlive.vip/js/zidongshibie.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/zidongshibie.js HTTP/1.1
Host: myhotlive.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://hotlive38.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
34.124.134.248
163.171.140.79
172.64.155.188
0.0.0.0