firefox.settings.services.mozilla.com/v1/
18.164.68.8200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 08:05:36 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d07f455dc14de1d5060686170d34b904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 8A_LwuLBrHYQRqlRDC8UH-Mpb-M2v6x6zg3C1_c3KJeVBOPSg2j2BA==
Age: 1314
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9846
Expires: Sat, 24 Sep 2022 11:11:36 GMT
Date: Sat, 24 Sep 2022 08:27:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.39200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.39:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 59970c86d3717db509a968eaad0da4de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: frYEr9ndZ9qFEQcK6IyoxR4bvgihQFhGUsBweRxkxFlIKSujccYjqw==
age: 15267
X-Firefox-Spdy: h2
hotlive34.net/
34.124.134.248200 OK 4.6 kB IP 34.124.134.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash faa9183f680b81abb7a0a9c8e14e94e0
864c14f44cb1a4ccfdf96bed50e231900a5e913b
53a12b5e2493df8bbf6e698c330df187111e13f4f1455668fa19aeebc59ef620
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:30 GMT
Content-Type: text/html
Last-Modified: Tue, 29 Mar 2022 11:03:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6242e787-31d8"
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 08:27:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ssp.clickadu.com/swagger/clickadu/swagger-v2.json
62.122.171.14302 Found 138 B URL HTTP/2 ssp.clickadu.com/swagger/clickadu/swagger-v2.json
IP 62.122.171.14:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /swagger/clickadu/swagger-v2.json HTTP/1.1
Host: ssp.clickadu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 08:27:30 GMT
content-type: text/html
content-length: 138
location: https://adv.clickadu.com
x-request-id: ee8eed4eb43a44a6e62342ec66040e2f
X-Firefox-Spdy: h2
hotlive34.net/common/pc/css/top.css
34.124.134.248200 OK 2.9 kB URL HTTP/1.1 hotlive34.net/common/pc/css/top.css
IP 34.124.134.248:0
Hash 676f1c7f5689cda3baceeaeadc8e11dc
2aeef4e71fb2f30b36280a1b0d30ae53da6b78ed
4f7e54dd090846d3c63d636e89ffee39e56c4713533734500585c03861e83b25
GET /common/pc/css/top.css HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:30 GMT
Content-Type: text/css
Last-Modified: Fri, 11 Mar 2022 07:48:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622afed9-2dfa"
Expires: Sat, 24 Sep 2022 20:27:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/common/pc/css/style.css
34.124.134.248200 OK 2.9 kB URL HTTP/1.1 hotlive34.net/common/pc/css/style.css
IP 34.124.134.248:0
Hash 0397512cfadd00d94adfe6dda7ad39ec
945fb1b8501741e0fd6cf0d1394eb9a98b0e1c9a
7ec7692136327798002762c6fae10776c19150de4f46f47f691b1c7354ee18c5
GET /common/pc/css/style.css HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:30 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Feb 2022 11:09:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62122152-24e5"
Expires: Sat, 24 Sep 2022 20:27:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c8c18b39b5de28319ae65fdea0db5515
2cc33e3c9e88f86c4d793f09dcf01861b2633f97
f2679339f58823d443a11339f27a75fe13deecaaf96a66880d1769d2eb241238
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:32:15 GMT
Expires: Wed, 28 Sep 2022 08:32:14 GMT
Etag: "2cc33e3c9e88f86c4d793f09dcf01861b2633f97"
Cache-Control: max-age=345282,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fa242ef8e31bfe-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.8200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 08:21:03 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 08:49:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d07f455dc14de1d5060686170d34b904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: AQ58weI6Fm-Emt4eGeT5TCJMPwvoxJYsez_WHHaAdpGSfuNruHIh2A==
Age: 405
hotlive34.net/common/pc/js/slick.min.js
34.124.134.248200 OK 7.5 kB URL HTTP/1.1 hotlive34.net/common/pc/js/slick.min.js
IP 34.124.134.248:0
File type ASCII text, with very long lines (27126), with no line terminators
Hash 7def3a8e210207900c8dadba0d1e977b
2decc5a8b37ef2a2e0bb0b78b7f4194d151348b7
6c1f3a64eec43fea04f26ba3e24d989ef150945ddae6777c8417659b24b423a4
Analyzer Verdict Alert fortinet Phishing
GET /common/pc/js/slick.min.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Feb 2022 12:06:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620ce8c2-69f6"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/common/pc/js/top.js
34.124.134.248200 OK 772 B URL HTTP/1.1 hotlive34.net/common/pc/js/top.js
IP 34.124.134.248:0
Hash 0a76ec71fb84ac637b4a4a105cd48b93
63f3573844a347809c45c02c4da97161963106a5
f071d0c7b59e71e41510cdfd12da3e79a0af93aa2bf74992377380bfe66b4af7
Analyzer Verdict Alert fortinet Phishing
GET /common/pc/js/top.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Content-Length: 772
Last-Modified: Sun, 20 Feb 2022 06:52:58 GMT
Connection: keep-alive
ETag: "6211e54a-304"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
hotlive34.net/js/md5.js
34.124.134.248200 OK 3.4 kB IP 34.124.134.248:0
Hash fcecd72140f300d5c3e7a13d5b27a291
6e6c10786ad218bd421e4adc5919056744026ccc
0222f71f04b4d17dfbbf62059c0a01b2ccc9b309224098e8549ffde1f76cd084
Analyzer Verdict Alert fortinet Phishing
GET /js/md5.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 07:51:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229ae0e-2d26"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6489
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 08:27:31 GMT
Last-Modified: Sat, 24 Sep 2022 06:39:22 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
hotlive34.net/js/crypto-js.min.js
34.124.134.248200 OK 23 kB URL HTTP/1.1 hotlive34.net/js/crypto-js.min.js
IP 34.124.134.248:0
File type ASCII text, with CRLF line terminators
Hash 52d3eada479c35c52078b9872effa30e
9aa0a219b02599b3e2b11aaa73c3f5e8bce0fda9
fa26558cf1f523a8a37dff199dced37b76723d82a1da1aee4aca23ab918100ec
Analyzer Verdict Alert fortinet Phishing
GET /js/crypto-js.min.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 07:51:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229ae0e-11c44"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/js/mobile-detect.js
34.124.134.248200 OK 25 kB URL HTTP/1.1 hotlive34.net/js/mobile-detect.js
IP 34.124.134.248:0
File type ASCII text, with very long lines (5442)
Hash b838e337e4b4a6778b7addffdea9f4e8
e11b8e0f7fe07536ac4e7f5b4c3d931d50a7f214
8ace32ef0021efb3a72195edcb240b9dad9b831388caaccf094710fc0986e09d
Analyzer Verdict Alert fortinet Phishing
GET /js/mobile-detect.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 07:51:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229ae0e-10ef1"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/js/newmain.js
34.124.134.248200 OK 1.9 kB URL HTTP/1.1 hotlive34.net/js/newmain.js
IP 34.124.134.248:0
File type ASCII text, with very long lines (692)
Hash ed1ed761728f358adfa889455759588c
546bae848684e0d8a0172288090d30be7b600092
62068da528d7a9958735d25ba7533224fb7bd800b4bc020f3e314099083f8d0e
Analyzer Verdict Alert fortinet Phishing
GET /js/newmain.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 07:51:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229ae0e-122e"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/js/clipboard.js
34.124.134.248200 OK 6.3 kB URL HTTP/1.1 hotlive34.net/js/clipboard.js
IP 34.124.134.248:0
File type Unicode text, UTF-8 text, with very long lines (849)
Hash 0e2e0b7f32259de61fdcb160edd598eb
69464357cbf44f99606eda0143659b4de7eca435
df49db5c6021dab863b9a5493328ab1fc40d0ddb7d2bcdc763c92babd10fa116
Analyzer Verdict Alert fortinet Phishing
GET /js/clipboard.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 07:51:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229ae0d-6191"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/js/axios.js
34.124.134.248200 OK 13 kB URL HTTP/1.1 hotlive34.net/js/axios.js
IP 34.124.134.248:0
Hash e320e4108b1107bc4ac492ed37ea10a1
2783bd6e716c231f6c26943d1257ca5bcb135b66
f439ee4f1a4c3bd6aab0e3eb15cfbb5e729723980eed7997a85280178fb08eb8
Analyzer Verdict Alert fortinet Phishing
GET /js/axios.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Mar 2022 07:51:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229ae0d-b47d"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hotlive34.net/common/pc/js/script.js
34.124.134.248200 OK 268 B URL HTTP/1.1 hotlive34.net/common/pc/js/script.js
IP 34.124.134.248:0
File type ASCII text, with CRLF line terminators
Hash f5ee16dd03617d6f93fd8d9287f68566
b5b8ecee6dc2afca6f5e11470e5f036456fc5e78
d69105c48d5e492717867cacad7667f07862ac85dc2675c7dc51435309e09091
Analyzer Verdict Alert fortinet Phishing
GET /common/pc/js/script.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Content-Length: 268
Last-Modified: Wed, 16 Feb 2022 12:06:22 GMT
Connection: keep-alive
ETag: "620ce8be-10c"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
push.services.mozilla.com/
54.148.148.62101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.148.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rbR45lyd5kalnmiQpEwwsA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lhuhqbUsfkpfStf8N1Jv/669MJI=
hotlive34.net/common/js/jquery-1.11.1.min.js
34.124.134.248200 OK 45 kB URL HTTP/1.1 hotlive34.net/common/js/jquery-1.11.1.min.js
IP 34.124.134.248:0
File type ASCII text, with CRLF line terminators
Hash f0e87b0b98112f514612d428762c9242
e5a538cd163262e45635ea0af7fc0a1cf1e94bfd
6a1b4e862646beaf3f0f5736fc51171f6a0b062cb3039db36912bcee6f5226b2
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery-1.11.1.min.js HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:31 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Feb 2022 06:45:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6211e382-202ea"
Expires: Sat, 24 Sep 2022 20:27:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 19bd6556ae2f12130479854e25199b2f
29d9f6ccfcebb2f417a0d4117e4e8f19dcce79c6
e41ef9ea9f18a42bb7ce3e16b59e9934ef471dac566eadbc20d369535307a03f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E41EF9EA9F18A42BB7CE3E16B59E9934EF471DAC566EADBC20D369535307A03F"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Sat, 24 Sep 2022 11:24:38 GMT
Date: Sat, 24 Sep 2022 08:27:32 GMT
Connection: keep-alive
unphionetor.com/vctx?t=105217
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=105217
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=105217 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hotlive34.net
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 08:27:32 GMT
access-control-allow-origin: http://hotlive34.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 6f597f3edc525664c797b0fc056fb46b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
hotlive34.net/common/pc/img/logo.png
34.124.134.248200 OK 38 kB URL HTTP/1.1 hotlive34.net/common/pc/img/logo.png
IP 34.124.134.248:0
File type PNG image data, 490 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash a773fb82d6ebc9dd7144d4401774c2ee
a28a209f5c9535a726f77292e8818f7c0fd90b42
18e98da02058afd5f1f10436b0ca2cbb91e653d5d424331ddb8b4857e43ce57e
GET /common/pc/img/logo.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 38295
Last-Modified: Wed, 16 Feb 2022 15:21:28 GMT
Connection: keep-alive
ETag: "620d1678-9597"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d31bfd0e59207c57dace4f77a5012d95
2dd1d1e635c734e8e0b14ae38e06299562edb36c
f23c5d45e8b0ee79f32aef0a6ba1c25ef09915e1811cee90347c0def3c1a0d87
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 21:46:10 GMT
Expires: Wed, 28 Sep 2022 21:46:09 GMT
Etag: "2dd1d1e635c734e8e0b14ae38e06299562edb36c"
Cache-Control: max-age=392916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fa243738bd1bfe-OSL
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 2b310334a7e050a3630964e91e0450c9
109ba97cabcf0823a7ccec7988960de37a26989f
8b195b327842ec6030deb5862e31607d7016f1eacaa5f631e68314e6852d05ab
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: MISS
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=852
Date: Sat, 24 Sep 2022 08:27:32 GMT
Connection: keep-alive
X-N: S
api64.ipify.org/
108.171.202.203200 OK 12 B IP 108.171.202.203:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api64.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://hotlive34.net
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: text/plain
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://hotlive34.net
Vary: Origin
hotlive34.net/common/pc/img/service_img_secret.jpg
34.124.134.248200 OK 70 kB URL HTTP/1.1 hotlive34.net/common/pc/img/service_img_secret.jpg
IP 34.124.134.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=591], progressive, precision 8, 240x520, components 3\012- data
Hash 1ef54845d3339c051bc5ceb0d96c2819
b70168010f94b345f937f81baf27e89b78620800
50a402490798e3d950c14ab88b25f7e488f4b222171f16a4812453c57c0e86fc
GET /common/pc/img/service_img_secret.jpg HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/jpeg
Content-Length: 69616
Last-Modified: Sat, 19 Feb 2022 15:53:48 GMT
Connection: keep-alive
ETag: "6211128c-10ff0"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/service_img_timeline.jpg
34.124.134.248200 OK 59 kB URL HTTP/1.1 hotlive34.net/common/pc/img/service_img_timeline.jpg
IP 34.124.134.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=591], progressive, precision 8, 240x520, components 3\012- data
Hash 99afe81265d83836455c2c1fb9d7708e
e3693b19fe107af255a0ee4ee497fb5704b0ba79
bfeff5a180f64151de4f5cee6e47ba20267080c6ae58330fcf69c49ba57f8fd9
GET /common/pc/img/service_img_timeline.jpg HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/jpeg
Content-Length: 59061
Last-Modified: Sat, 19 Feb 2022 15:48:36 GMT
Connection: keep-alive
ETag: "62111154-e6b5"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Sat, 24 Sep 2022 09:11:51 GMT
Date: Sat, 24 Sep 2022 08:27:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Sat, 24 Sep 2022 09:11:51 GMT
Date: Sat, 24 Sep 2022 08:27:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Sat, 24 Sep 2022 09:11:51 GMT
Date: Sat, 24 Sep 2022 08:27:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b722574c0e6f63a78a19eff0f100ae4
96185aa90e560a4bd9462cef2e280561ee557413
c5b1012f1fca39d949f4b70e69b94bc6e03521d93ab8c38bb30d2c9c43bac633
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12087
x-amzn-requestid: 2779f1ce-50e8-4bdc-b8c2-6f87976a9daf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4WAYErZoAMFYrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd068-1f1831806dffda454e532ac8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:15:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wsZ5UX2rbxGMECRjV6NR4fTFrfj-jK94RDMZn0_SKU-DDYKHl8JgMw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:39:00 GMT
age: 13712
etag: "96185aa90e560a4bd9462cef2e280561ee557413"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 38346
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f727cc665bfa383779422949037a83a7
24d4dcad1590e79e89a1ffe343bd7fe616528c5a
72dc66286d9ea7b71b6c9a116ff69380a97253c73f1ba2a5b3da34790e321e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8907
x-amzn-requestid: 974b20af-4775-45bd-9e3f-55e5aa363c2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQRGPtIAMFZCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2734-18aebf577efb8aaa0182aeed;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ANAYROIRBWe_Y5TxqYp9IDnqnuOHQGjvyj1K8Z85m7C9DGCXXuQ-Cw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:31 GMT
age: 38341
etag: "24d4dcad1590e79e89a1ffe343bd7fe616528c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:27 GMT
age: 38345
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 38176
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 11584
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hotlive34.net/common/pc/img/step_img_2.png
34.124.134.248200 OK 293 kB URL HTTP/1.1 hotlive34.net/common/pc/img/step_img_2.png
IP 34.124.134.248:0
File type PNG image data, 262 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size 293 kB (292610 bytes)
Hash b21cd66e34feba8346e8797dec275e17
d271080047f386074c1715f79452e1bb6d7ee552
a0da298b6940d36251424cdafeef21a7da9e388579b962bf0e3da1ff5f632914
GET /common/pc/img/step_img_2.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 292610
Last-Modified: Sun, 20 Feb 2022 06:29:14 GMT
Connection: keep-alive
ETag: "6211dfba-47702"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/24hours.png
34.124.134.248200 OK 40 kB URL HTTP/1.1 hotlive34.net/common/pc/img/24hours.png
IP 34.124.134.248:0
File type PNG image data, 893 x 839, 8-bit/color RGBA, non-interlaced\012- data
Hash 77473840ba2c51f983427e578f94c613
390ce3fa1942cc6144a32953667d49b7f7fb96f3
c14f9dd893f194cb9a2a9a2f9de0ca67fd7e86a76e58edaa2b39c6dbb1df85e9
GET /common/pc/img/24hours.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 40054
Last-Modified: Thu, 24 Mar 2022 09:41:36 GMT
Connection: keep-alive
ETag: "623c3cd0-9c76"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 2b310334a7e050a3630964e91e0450c9
109ba97cabcf0823a7ccec7988960de37a26989f
8b195b327842ec6030deb5862e31607d7016f1eacaa5f631e68314e6852d05ab
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=872
Date: Sat, 24 Sep 2022 08:27:32 GMT
Connection: keep-alive
X-N: S
hotlive34.net/common/pc/img/service_img_chat.jpg
34.124.134.248200 OK 72 kB URL HTTP/1.1 hotlive34.net/common/pc/img/service_img_chat.jpg
IP 34.124.134.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=591], progressive, precision 8, 240x520, components 3\012- data
Hash f01012226d2d5d185a7ac6f3f2175555
7e4d5ce07ac58fbbc163de1e48153aa7f92e9ff8
710df0aa17cfa2ce5ba1ea0b0653eb8facb9bdacd2656ba29714425cc964d053
GET /common/pc/img/service_img_chat.jpg HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:33 GMT
Content-Type: image/jpeg
Content-Length: 71890
Last-Modified: Sat, 19 Feb 2022 15:47:30 GMT
Connection: keep-alive
ETag: "62111112-118d2"
Expires: Mon, 24 Oct 2022 08:27:33 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/step_img_3.png
34.124.134.248200 OK 238 kB URL HTTP/1.1 hotlive34.net/common/pc/img/step_img_3.png
IP 34.124.134.248:0
File type PNG image data, 262 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size 238 kB (237977 bytes)
Hash 7a6d4d11248e07cecd0a9fc217df886f
98007bd5d0ce99f7520a120e83e86648f202810a
e7340594ec6955c6d60f05f75919557b81ace601344f4fa934abf597e17825ed
GET /common/pc/img/step_img_3.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 237977
Last-Modified: Sun, 20 Feb 2022 06:31:16 GMT
Connection: keep-alive
ETag: "6211e034-3a199"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/step_img_1.png
34.124.134.248200 OK 284 kB URL HTTP/1.1 hotlive34.net/common/pc/img/step_img_1.png
IP 34.124.134.248:0
File type PNG image data, 262 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size 284 kB (283510 bytes)
Hash bc8675ed463d29f4805c5110d0c7469f
19bf40a404f3ee22d001fa901537a1f61f0efe05
907a3e1a2c22fe9026fcf6b850a5091053c6399875d9b8b1d4162f109272d9d3
GET /common/pc/img/step_img_1.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 283510
Last-Modified: Sun, 20 Feb 2022 06:27:46 GMT
Connection: keep-alive
ETag: "6211df62-45376"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/campaign_img.png
34.124.134.248200 OK 304 kB URL HTTP/1.1 hotlive34.net/common/pc/img/campaign_img.png
IP 34.124.134.248:0
File type PNG image data, 541 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 304 kB (304440 bytes)
Hash 6eed92d99cfa305bb685aaf536ba47e9
3247aa955422335092346017ca95fed538938f3c
f390545860907a8703680930e1a4165b0de8895cde6488f4c31df9b7a6b94cae
GET /common/pc/img/campaign_img.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 304440
Last-Modified: Wed, 12 Jan 2022 09:31:40 GMT
Connection: keep-alive
ETag: "61de9ffc-4a538"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
myhotlive.com/Vietnam/images/AN.gif
118.26.111.74200 OK 251 kB URL HTTP/1.1 myhotlive.com/Vietnam/images/AN.gif
IP 118.26.111.74:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type GIF image data, version 89a, 233 x 97\012- data
Size 251 kB (251449 bytes)
Hash 64e6d220e5ae33f00961a79d34ff9719
ea43480cbfd6234422d8555580220b7de249f94b
19cf0f733cfc3bbd845b7b126b0b8f41edc5cc447e2e008910cdba16f5c4e32d
GET /Vietnam/images/AN.gif HTTP/1.1
Host: myhotlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/gif
Content-Length: 251449
Last-Modified: Fri, 14 Jan 2022 09:31:08 GMT
Connection: keep-alive
ETag: "61e142dc-3d639"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
myhotlive.com/Vietnam/images/IOS.gif
118.26.111.74200 OK 230 kB URL HTTP/1.1 myhotlive.com/Vietnam/images/IOS.gif
IP 118.26.111.74:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type GIF image data, version 89a, 233 x 97\012- data
Size 230 kB (230485 bytes)
Hash 50dd94458efc4251c9407461c6080d3c
f5a5fd21cc79cb5429d697f8deb6214130d2ddb7
f0eeb5fa46a70b2e57143e8dd7ec27201408637feab180f712d7751ce3e3a9d3
GET /Vietnam/images/IOS.gif HTTP/1.1
Host: myhotlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:33 GMT
Content-Type: image/gif
Content-Length: 230485
Last-Modified: Fri, 14 Jan 2022 09:31:08 GMT
Connection: keep-alive
ETag: "61e142dc-38455"
Expires: Mon, 24 Oct 2022 08:27:33 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
unphionetor.com/vbri?t=105217&bid=undefined&aid=undefined&tp=4076
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=105217&bid=undefined&aid=undefined&tp=4076
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=105217&bid=undefined&aid=undefined&tp=4076 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hotlive34.net
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 08:27:34 GMT
access-control-allow-origin: http://hotlive34.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 31d324ffbf52f33417628e5e9302e310
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
hotlive34.net/common/pc/img/lg.png
34.124.134.248200 OK 26 kB URL HTTP/1.1 hotlive34.net/common/pc/img/lg.png
IP 34.124.134.248:0
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 947f09522b9aa94e504484d5c2dc5886
d66f7b93ba04139b61c53af6428f00f332a307fd
82eb953ba24cd42485449a09feb9b95b032d3cf886cb660aedef1793f62ba053
GET /common/pc/img/lg.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:34 GMT
Content-Type: image/png
Content-Length: 25738
Last-Modified: Sat, 31 Jul 2021 07:01:06 GMT
Connection: keep-alive
ETag: "6104f532-648a"
Expires: Mon, 24 Oct 2022 08:27:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/1.png
34.124.134.248200 OK 604 kB URL HTTP/1.1 hotlive34.net/common/pc/img/1.png
IP 34.124.134.248:0
File type PNG image data, 500 x 565, 8-bit/color RGBA, non-interlaced\012- data
Size 604 kB (604038 bytes)
Hash 6a5a8476bffc0245f1cad2de4018133b
b75bd8d0985d55328e03f678ba463e2eae1a6b71
256cca4c64a0381a013b70917868b830d230700d9303ece44f94ee080df5934c
GET /common/pc/img/1.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:33 GMT
Content-Type: image/png
Content-Length: 604038
Last-Modified: Sun, 20 Feb 2022 06:20:44 GMT
Connection: keep-alive
ETag: "6211ddbc-93786"
Expires: Mon, 24 Oct 2022 08:27:33 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hotlive34.net/common/pc/img/2.png
34.124.134.248200 OK 834 kB URL HTTP/1.1 hotlive34.net/common/pc/img/2.png
IP 34.124.134.248:0
File type PNG image data, 590 x 667, 8-bit/color RGBA, non-interlaced\012- data
Size 834 kB (833699 bytes)
Hash 68a7896c6bc75322ecd82c3d25128e84
9e0e6d1d02a3c9cb2cb5860f3a3d81669487c049
430e6f01c42a1f7778b59d887798d9c3b1c69e22fe96e8af7bd0251dac918a5a
GET /common/pc/img/2.png HTTP/1.1
Host: hotlive34.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hotlive34.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 08:27:32 GMT
Content-Type: image/png
Content-Length: 833699
Last-Modified: Sun, 20 Feb 2022 06:52:38 GMT
Connection: keep-alive
ETag: "6211e536-cb8a3"
Expires: Mon, 24 Oct 2022 08:27:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
unphionetor.com/vbl?t=105217&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=105217&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=105217&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hotlive34.net
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 08:27:34 GMT
access-control-allow-origin: http://hotlive34.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9ad147a83434990fae9d39f27f845abf
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
adv.clickadu.com/
62.122.171.14200 OK 0 B IP 62.122.171.14:0
GET / HTTP/1.1
Host: adv.clickadu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hotlive34.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 08:27:31 GMT
content-type: text/html
last-modified: Tue, 20 Sep 2022 16:35:08 GMT
vary: Accept-Encoding
etag: W/"6329ebbc-2095"
content-encoding: gzip
x-request-id: 1caba6825eff607cdd257c60f3681a9e
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=105217
139.45.197.240200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=105217
IP 139.45.197.240:0
GET /fv.js?t=105217 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hotlive34.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 08:27:31 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bf3b0b685ff820222497a776b55b6a30
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2