firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 12:10:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _Ws7Hog7ZOQPIwCt2d2Hq5y3gG9V96z6y7m6Sqm9ENbkEIWLbD5jEg==
Age: 174
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Thu, 15 Sep 2022 12:49:21 GMT
Date: Thu, 15 Sep 2022 12:13:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: skm2iZFCqZ0YbEHNHcD933Qw2zffMtb3BElPSwFDX33LhsqeZw93Jg==
age: 27484
X-Firefox-Spdy: h2
h96.live/
128.1.44.155 200 OK 3.9 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8145594bf3fe330324d0e866c6cc7da4
dffdbcbc9bb0a0ac4dd75131609fe31a17c96c22
eea6aed653955111d95da98d4f0602cb6d60c2e0eef0e132977a7257511882e4
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:19 GMT
Content-Type: text/html
Last-Modified: Sun, 30 Jan 2022 07:05:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61f638be-34e3"
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 12:13:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
h96.live/css/m.css
128.1.44.155 200 OK 5.5 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash cc77f4bdaaebb4fcb67514a469b93070
9d936031126422e8bf2b3f793fe0a9576d7a0fd2
1685d64d55eac86ebbd842d01fc14b0f46ef403b1b27d034d831942911fdbcdf
GET /css/m.css HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:19 GMT
Content-Type: text/css
Last-Modified: Sat, 13 Nov 2021 13:49:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"618fc25c-671e"
Expires: Fri, 16 Sep 2022 00:13:19 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
h96.live/css/swiper.min.css
128.1.44.155 200 OK 3.7 kB URL HTTP/1.1 h96.live/css/swiper.min.css
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type ASCII text, with very long lines (1467), with CRLF, LF line terminators
Hash 1dc88e7343536b78fb6680865e5f204a
4ae87307b6dad22922644c8bf8375ee13169a5ef
987d591891eca26aa57207b238b8b2bf6967d6c68b7247beed4eee445e891fc8
GET /css/swiper.min.css HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:19 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Sep 2021 14:18:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6142009e-56ad"
Expires: Fri, 16 Sep 2022 00:13:19 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 12:03:22 GMT
Expires: Thu, 15 Sep 2022 12:58:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zlJWStTTkZMVuGkpQd68UrX3bnTDKMUkHK3Gr_xbyeOzg_DjXs2sHQ==
Age: 598
h96.live/js/flexible.js
128.1.44.155 200 OK 1.1 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type Unicode text, UTF-8 text, with very long lines (2435), with CRLF line terminators
Hash afc653aa2a002a71095b6900dcbebb02
b13c33af769cc52a41f57a32563a9796557c606f
129d7e79c3842a6a3434e191660f6f133bd1ed0ffad150a024cacd06a7d90aff
Analyzer Verdict Alert fortinet Phishing
GET /js/flexible.js HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:20 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Aug 2021 22:37:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610db9b2-9b1"
Expires: Fri, 16 Sep 2022 00:13:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5260
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 12:13:20 GMT
Last-Modified: Thu, 15 Sep 2022 10:45:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
h96.live/js/jquery-3.4.1.min.js
128.1.44.155 200 OK 34 kB URL HTTP/1.1 h96.live/js/jquery-3.4.1.min.js
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type ASCII text, with very long lines (65451)
Hash 45088a63622db0550345f7aa58c3e3bb
4bf834aedeaac7a1919bdb5b6ee17419b9181171
c7ca6923bc404e521d3690b3a2e7464c3c6e3e6bc618ca7cd7d6910fb188938f
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-3.4.1.min.js HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:20 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Aug 2021 22:37:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610db9b2-15851"
Expires: Fri, 16 Sep 2022 00:13:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
h96.live/js/swiper.min.js
128.1.44.155 200 OK 41 kB URL HTTP/1.1 h96.live/js/swiper.min.js
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type ASCII text, with very long lines (65280)
Hash d5f9930e928fdff2666cf39d8a81107c
a7ce3649f1aa7acb42061a5ef77f26e51a82b225
af58c2d320dfa9639e99738f1aea290ce75bd4c2a021fbf322e6a0916f397d4a
Analyzer Verdict Alert fortinet Phishing
GET /js/swiper.min.js HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:20 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Aug 2021 22:37:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610db9b2-21d03"
Expires: Fri, 16 Sep 2022 00:13:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7imcC1gj5N4Y1hYiNeE5kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rW2OHnefB47hxmUrC5YVhHFrTiA=
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b9715f02fc09eccecd6337a93fe5ab66
d3d51912a976e7415a0b599aa758d7a12295e5fa
cf74ecee9df1d8c5c716be4f96fae2de9de02238f428cb67d9640d67302fa462
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 12:13:21 GMT
Ali-Swift-Global-Savetime: 1663244001
Via: cache9.l2de2[105,104,200-0,M], cache9.l2de2[105,0], cache2.se1[126,125,200-0,M], cache2.se1[127,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 15 Sep 2022 12:13:21 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616632440018043124e
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2368
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 12:13:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 49002
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 52096
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 51996
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash cb7c9c7f4257ab79526157f3ba507d6e
098d000aebd7ba0637fe420b9dfdacd2146af240
74fd95bcffcaf6919e8bca4184978340bef089528f9d184e7d88e1fd4c83288b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6484
x-amzn-requestid: cefd7270-c8ca-4ced-b9bd-52353fbefa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBIIUHOZIAMF9wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316ba35-7d4c4c53090c83ea3fadbf4e;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 03:10:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V0CJvbFSNJT2eHVOeCkdZNStr6eZg3EO0YTNyTUsmiirYMm9gfzBKg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 51996
etag: "098d000aebd7ba0637fe420b9dfdacd2146af240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 57104
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb961f65f-5b81-44f3-851d-bafffccf0ae1.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb961f65f-5b81-44f3-851d-bafffccf0ae1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 528c3605e00eb3cf84d85a4ed34a3e46
1da888b7fe22e67e845f3acd24ae47621ae23dd9
31bbd3e8ee3f0d3e0d4137dca7db1f2d3c92fdc203e4d1dbf5980cdb9124a07d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb961f65f-5b81-44f3-851d-bafffccf0ae1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6558
x-amzn-requestid: 098e96ca-8295-4321-ab89-99d3e78badb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeDRIF7poAMFwHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63224c07-520eb2ff31e299f05e472ab8;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:47:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VnjLjBN7XjBsD2NIC6Ur8uoqkiuIkRlMtA1xpO82DhaKjZuC-hnAaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:48:19 GMT
age: 51902
etag: "1da888b7fe22e67e845f3acd24ae47621ae23dd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b9715f02fc09eccecd6337a93fe5ab66
d3d51912a976e7415a0b599aa758d7a12295e5fa
cf74ecee9df1d8c5c716be4f96fae2de9de02238f428cb67d9640d67302fa462
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 12:13:21 GMT
Ali-Swift-Global-Savetime: 1663244002
Via: cache12.l2de2[190,189,200-0,M], cache12.l2de2[190,0], cache4.se1[213,213,200-0,M], cache4.se1[215,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 15 Sep 2022 12:13:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816632440018026077e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b9715f02fc09eccecd6337a93fe5ab66
d3d51912a976e7415a0b599aa758d7a12295e5fa
cf74ecee9df1d8c5c716be4f96fae2de9de02238f428cb67d9640d67302fa462
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 12:13:21 GMT
Ali-Swift-Global-Savetime: 1663244002
Via: cache26.l2de2[190,189,200-0,M], cache26.l2de2[192,0], cache5.se1[215,214,200-0,M], cache5.se1[217,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 15 Sep 2022 12:13:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916632440018031572e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b9715f02fc09eccecd6337a93fe5ab66
d3d51912a976e7415a0b599aa758d7a12295e5fa
cf74ecee9df1d8c5c716be4f96fae2de9de02238f428cb67d9640d67302fa462
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 12:13:21 GMT
Ali-Swift-Global-Savetime: 1663244002
Via: cache12.l2de2[204,204,200-0,M], cache12.l2de2[205,0], cache2.se1[227,227,200-0,M], cache2.se1[229,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 15 Sep 2022 12:13:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616632440018043126e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b9715f02fc09eccecd6337a93fe5ab66
d3d51912a976e7415a0b599aa758d7a12295e5fa
cf74ecee9df1d8c5c716be4f96fae2de9de02238f428cb67d9640d67302fa462
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 12:13:21 GMT
Ali-Swift-Global-Savetime: 1663244002
Via: cache2.l2de2[207,206,200-0,M], cache2.l2de2[207,0], cache5.se1[229,229,200-0,M], cache5.se1[231,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 15 Sep 2022 12:13:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916632440018031573e
app-pic.hkg.bcebos.com/myhotlive/js/newmain.js
180.76.12.15 200 OK 4.7 kB URL HTTP/1.1 app-pic.hkg.bcebos.com/myhotlive/js/newmain.js
IP 180.76.12.15:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (692)
Hash f6e18f643b009c21fa6aa157b08b3de2
b34d8dc7254cf2bc2a3166bc3e8fa5e13cb106bc
af8518ce6acfc8fd324607d7e9ee17577d248e1b3b39597927ff8f1ab8c4460d
GET /myhotlive/js/newmain.js HTTP/1.1
Host: app-pic.hkg.bcebos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:22 GMT
Content-Type: text/javascript
Content-Length: 4654
Connection: keep-alive
Content-MD5: 9uGPZDsAnCH6aqFXsIs94g==
ETag: "f6e18f643b009c21fa6aa157b08b3de2"
Expires: Sun, 18 Sep 2022 12:13:22 GMT
Last-Modified: Tue, 29 Mar 2022 06:52:44 GMT
Server: BceBos
x-bce-content-crc32: 71645219
x-bce-debug-id: +ExZjMjSf/e6wTn2QvixgbGJtjHYEQfAmWiGGSNZpTD8B8sjJsjdTh/D8fsV1B4KAp1EvdyzjlykGjTkhosdQg==
x-bce-request-id: 48be5ba8-bb1f-42d8-af15-d83b8785140d
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
app-pic.hkg.bcebos.com/myhotlive/js/md5.js
180.76.12.15 200 OK 12 kB URL HTTP/1.1 app-pic.hkg.bcebos.com/myhotlive/js/md5.js
IP 180.76.12.15:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash e41e6940888f4bfd468e70a22d1b0b03
2b239b97303f439a429017781d584b399d8189f9
e63fc7893bbf52a881cf3af4d5ed1ac4733427b4bf24aee86b19d97634c74006
GET /myhotlive/js/md5.js HTTP/1.1
Host: app-pic.hkg.bcebos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:22 GMT
Content-Type: text/javascript
Content-Length: 11558
Connection: keep-alive
Content-MD5: 5B5pQIiPS/1GjnCiLRsLAw==
ETag: "e41e6940888f4bfd468e70a22d1b0b03"
Expires: Sun, 18 Sep 2022 12:13:22 GMT
Last-Modified: Tue, 29 Mar 2022 06:52:43 GMT
Server: BceBos
x-bce-content-crc32: 3765458455
x-bce-debug-id: OhQvQVE5gbLH8aQQkaynSSct+NVFT4/XeCqZaZQXZbyWcU7NQvQMcPrHp7Qy4DqnUyoPiMTv3yz9LGOuXB4hBg==
x-bce-request-id: 45be61e4-4111-4f45-9d30-b42a644b23eb
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
app-pic.hkg.bcebos.com/myhotlive/js/clipboard.js
180.76.12.15 200 OK 25 kB URL HTTP/1.1 app-pic.hkg.bcebos.com/myhotlive/js/clipboard.js
IP 180.76.12.15:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (849)
Hash faf3899bbeb86222023e38e391d9dd7b
96a6f9c6c081194a8efd6fb7859ade479a7827e0
3912af75d464826d0cd391517bffa7b1059e6081e97d73b188ecf36e13c4bd2d
GET /myhotlive/js/clipboard.js HTTP/1.1
Host: app-pic.hkg.bcebos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:22 GMT
Content-Type: text/javascript
Content-Length: 24977
Connection: keep-alive
Content-MD5: +vOJm764YiICPjjjkdndew==
ETag: "faf3899bbeb86222023e38e391d9dd7b"
Expires: Sun, 18 Sep 2022 12:13:22 GMT
Last-Modified: Tue, 29 Mar 2022 06:52:42 GMT
Server: BceBos
x-bce-content-crc32: 1465887017
x-bce-debug-id: brXUxGbftIDLsWDULaPZ6p77aWev07dYSPaLt9TC7W9KH4tN4w62h4iIBa38GcUn5Et90/H/FV3TtuQfL1TKwQ==
x-bce-request-id: f919ffe6-260c-4f86-a8dd-2cb7dc2d67fb
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
app-pic.hkg.bcebos.com/myhotlive/js/axios.js
180.76.12.15 200 OK 46 kB URL HTTP/1.1 app-pic.hkg.bcebos.com/myhotlive/js/axios.js
IP 180.76.12.15:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash 73fcc4182a225c2dcb1d8dde1538535f
9e4b16aede9e9e593cd4d8f7e15a17bec8fac22f
6ddf1720acebb722753b94a1dd7a771a2b8c233582e3665e92facc303e06c518
GET /myhotlive/js/axios.js HTTP/1.1
Host: app-pic.hkg.bcebos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:22 GMT
Content-Type: text/javascript
Content-Length: 46205
Connection: keep-alive
Content-MD5: c/zEGCoiXC3LHY3eFThTXw==
ETag: "73fcc4182a225c2dcb1d8dde1538535f"
Expires: Sun, 18 Sep 2022 12:13:22 GMT
Last-Modified: Tue, 29 Mar 2022 06:52:42 GMT
Server: BceBos
x-bce-content-crc32: 1645293965
x-bce-debug-id: fe+N/FgNYT0DrSuhpOdifeVn4/LHIqPGRaJHVWYSXlw8vyPyy8BHqzgI084c4Uc5HvkK4GzBcIbSSFDIhn6jEg==
x-bce-request-id: a9d458c8-98c8-426e-a474-f362b5f85d71
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
app-pic.hkg.bcebos.com/myhotlive/js/mobile-detect.js
180.76.12.15 200 OK 69 kB URL HTTP/1.1 app-pic.hkg.bcebos.com/myhotlive/js/mobile-detect.js
IP 180.76.12.15:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (5442)
Hash b251f1ce17e8c1ff9e4d789491ce4d09
cb6ef599821039af443f09ffe2716995fb6359e8
721be7bfa8a886bff0050dae7b71f892991d3fad6b2d19a2986ba776b6b41fa3
GET /myhotlive/js/mobile-detect.js HTTP/1.1
Host: app-pic.hkg.bcebos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:22 GMT
Content-Type: text/javascript
Content-Length: 69361
Connection: keep-alive
Content-MD5: slHxzhfowf+eTXiUkc5NCQ==
ETag: "b251f1ce17e8c1ff9e4d789491ce4d09"
Expires: Sun, 18 Sep 2022 12:13:22 GMT
Last-Modified: Tue, 29 Mar 2022 06:52:43 GMT
Server: BceBos
x-bce-content-crc32: 618240433
x-bce-debug-id: A9BppauMgBlwgFVMPhdW62WJxI/ULPaczPSgevF2tZVXSyZopH5czuoOQ5UNYaJAgQHA8Hf5LIsEveYLoQlfRw==
x-bce-request-id: 1ac791ef-f00d-4499-af89-2138d8fe1008
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
app-pic.hkg.bcebos.com/myhotlive/js/crypto-js.min.js
180.76.12.15 200 OK 73 kB URL HTTP/1.1 app-pic.hkg.bcebos.com/myhotlive/js/crypto-js.min.js
IP 180.76.12.15:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 1bdaf4ec83eb86fda215202fad4f53ec
12deed7327c4e251875f7bb420a2ff5450909035
37dea0d41f112010a49f472f89910bee43c9ef6691a24e99ab9f252bd1b60f2d
GET /myhotlive/js/crypto-js.min.js HTTP/1.1
Host: app-pic.hkg.bcebos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:22 GMT
Content-Type: text/javascript
Content-Length: 72772
Connection: keep-alive
Content-MD5: G9r07IPrhv2iFSAvrU9T7A==
ETag: "1bdaf4ec83eb86fda215202fad4f53ec"
Expires: Sun, 18 Sep 2022 12:13:22 GMT
Last-Modified: Tue, 29 Mar 2022 06:52:42 GMT
Server: BceBos
x-bce-content-crc32: 2404287120
x-bce-debug-id: MYYojBvowYYRrEWWbfcQx6KkTrM05gy859GkYyLM4TZX0UmQ2ZGYaQosTFjgXusqw92P8z+7gmusl+KeCDrVhw==
x-bce-request-id: 03b37cee-4f00-40c4-b064-5326e8814f0c
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 817ae2f84d770515905ee2e9857639f6
067cb1dc3cbded220443d51bd30bfb92bbd35ecd
7bb9ed5d0a8878fd885c47e5e914331e65d92d29323d352dde418a2da82ad08d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 21:46:09 GMT
Expires: Wed, 21 Sep 2022 21:46:08 GMT
Etag: "067cb1dc3cbded220443d51bd30bfb92bbd35ecd"
Cache-Control: max-age=552163,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b146b1187b0b45-OSL
h96.live/images/cq01.jpeg
128.1.44.155 200 OK 78 kB URL HTTP/1.1 h96.live/images/cq01.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=350, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], baseline, precision 8, 350x350, components 3\012- data
Hash 4368b33bce7119d969a53a5957ef89a8
52a2292407d8716d906806281c1f5585cb630c24
c313cf5dc7b1ab9d7a92228c8e17b8cb4396e5ffc50db24bbd8b94a2539aa8dd
Analyzer Verdict Alert fortinet Phishing
GET /images/cq01.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:23 GMT
Content-Type: image/jpeg
Content-Length: 78239
Last-Modified: Fri, 15 Oct 2021 07:09:52 GMT
Connection: keep-alive
ETag: "61692940-1319f"
Expires: Sat, 15 Oct 2022 12:13:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
api64.ipify.org/
108.171.202.203 200 OK 12 B IP 108.171.202.203:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api64.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://h96.live
Connection: keep-alive
Referer: http://h96.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: text/plain
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://h96.live
Vary: Origin
h96.live/images/1-min.jpeg
128.1.44.155 200 OK 207 kB URL HTTP/1.1 h96.live/images/1-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=491, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=654], baseline, precision 8, 654x491, components 3\012- data
Size 207 kB (207426 bytes)
Hash 42c0fdb7fc66945a77e08cb984a9c1fc
a59dcc0b6591904934b428397856af1030212a30
9abe288f13c72c2beb086f806545fe9a87f650d1083b1775dd781c9185dca321
Analyzer Verdict Alert fortinet Phishing
GET /images/1-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:23 GMT
Content-Type: image/jpeg
Content-Length: 207426
Last-Modified: Fri, 15 Oct 2021 07:05:18 GMT
Connection: keep-alive
ETag: "6169282e-32a42"
Expires: Sat, 15 Oct 2022 12:13:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq02.jpeg
128.1.44.155 200 OK 83 kB URL HTTP/1.1 h96.live/images/cq02.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=350, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], baseline, precision 8, 350x350, components 3\012- data
Hash 10085f5114e91dd12c13e8641718625a
a21d761cc1b26399ee82c1c2c6662650b8b5cd08
ea0e6536d9a0e46251a8809025dc48dbe566e28247e21e0c170fb9b4ebb668f5
Analyzer Verdict Alert fortinet Phishing
GET /images/cq02.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 83051
Last-Modified: Fri, 15 Oct 2021 07:09:56 GMT
Connection: keep-alive
ETag: "61692944-1446b"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/3-min.jpeg
128.1.44.155 200 OK 168 kB URL HTTP/1.1 h96.live/images/3-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=491, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=654], baseline, precision 8, 654x491, components 3\012- data
Size 168 kB (168377 bytes)
Hash fa49fcff82219cc3a98dbc933717ba91
72a8321e5a6abdf0034651601a9e92c0754a57ee
32c4a72b1f46996d2bde806994150ba899ff67c8951b8e12638d71dc7497b6fa
Analyzer Verdict Alert fortinet Phishing
GET /images/3-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:23 GMT
Content-Type: image/jpeg
Content-Length: 168377
Last-Modified: Fri, 15 Oct 2021 07:05:28 GMT
Connection: keep-alive
ETag: "61692838-291b9"
Expires: Sat, 15 Oct 2022 12:13:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/4-min.jpeg
128.1.44.155 200 OK 185 kB URL HTTP/1.1 h96.live/images/4-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=491, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=654], baseline, precision 8, 654x491, components 3\012- data
Size 185 kB (184704 bytes)
Hash f2b6267fbe4997b2ecffb0ddcd6f8e0f
d241a07733ac4a6949bd67acfcdd3029244e2a77
53cdb8a7e5519965ee220274258e6a435bd1a3d1518e8dd788e6be98cd18eec5
Analyzer Verdict Alert fortinet Phishing
GET /images/4-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:23 GMT
Content-Type: image/jpeg
Content-Length: 184704
Last-Modified: Fri, 15 Oct 2021 07:05:30 GMT
Connection: keep-alive
ETag: "6169283a-2d180"
Expires: Sat, 15 Oct 2022 12:13:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/2-min.jpeg
128.1.44.155 200 OK 221 kB URL HTTP/1.1 h96.live/images/2-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=491, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=654], baseline, precision 8, 654x491, components 3\012- data
Size 221 kB (220645 bytes)
Hash 92d19dba0644a9fef20efdcb670683bd
bc32aa85bca93eaa8ec66bc820751ef37d060a34
daf3d85d9b04015a0c66c5fcadd12bfeaf11594570298003ec377c2b847953ca
Analyzer Verdict Alert fortinet Phishing
GET /images/2-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:23 GMT
Content-Type: image/jpeg
Content-Length: 220645
Last-Modified: Fri, 15 Oct 2021 07:05:24 GMT
Connection: keep-alive
ETag: "61692834-35de5"
Expires: Sat, 15 Oct 2022 12:13:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq03.jpeg
128.1.44.155 200 OK 82 kB URL HTTP/1.1 h96.live/images/cq03.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=350, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], baseline, precision 8, 350x350, components 3\012- data
Hash 0ba771718f29ffb5743665d2798c90d3
972327e14269ec3e8e6b37fd630f0304f2557d9c
70e0e72083f1d67c28e0e0dc2952d19cd7f3f1b92f173131ca110516181cfe86
Analyzer Verdict Alert fortinet Phishing
GET /images/cq03.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 81576
Last-Modified: Fri, 15 Oct 2021 07:09:58 GMT
Connection: keep-alive
ETag: "61692946-13ea8"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq04.jpeg
128.1.44.155 200 OK 96 kB URL HTTP/1.1 h96.live/images/cq04.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=350, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], baseline, precision 8, 350x350, components 3\012- data
Hash 8f4dee2b90f4355123c25a43fac0f7e0
eb99ad6c385fbb2deac3c6915b78ab2a7a65ee14
18615af71da76f6220770c702596f33e9902685372751ad084c0f8b4fc8f6e4c
Analyzer Verdict Alert fortinet Phishing
GET /images/cq04.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 96040
Last-Modified: Fri, 15 Oct 2021 07:10:02 GMT
Connection: keep-alive
ETag: "6169294a-17728"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq06.jpeg
128.1.44.155 200 OK 86 kB URL HTTP/1.1 h96.live/images/cq06.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=350, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], baseline, precision 8, 350x350, components 3\012- data
Hash fabfceddf717e3da7214779dbfe30d6a
664129fef80c53c61d7dadb775ab78fcb2df84c1
b64cc70a67f681661be8be1e400750557fa534e973ac32248c8c8ea178ce1338
Analyzer Verdict Alert fortinet Phishing
GET /images/cq06.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 85978
Last-Modified: Fri, 15 Oct 2021 07:10:08 GMT
Connection: keep-alive
ETag: "61692950-14fda"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/t1-min.jpeg
128.1.44.155 200 OK 75 kB URL HTTP/1.1 h96.live/images/t1-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x300, components 3\012- data
Hash d488356010eb43ebff59066d8d5849b3
acfac42352066c76f061b4bf9854f922be4bd6f3
bbb4fd51b8ed85a2532274b95c43b40c7dd9026a49b47741f9bdc919bdea87d7
Analyzer Verdict Alert fortinet Phishing
GET /images/t1-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 75374
Last-Modified: Fri, 15 Oct 2021 07:10:46 GMT
Connection: keep-alive
ETag: "61692976-1266e"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/t2-min.jpeg
128.1.44.155 200 OK 87 kB URL HTTP/1.1 h96.live/images/t2-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x300, components 3\012- data
Hash be357ca7ecc237e95e6eb442e98c991c
28b021f64de6a91facee1a3930a02300cb71ddbb
3ee1687b835e7a94e6a9d38b2cc2b1bebf9fe52e8231edb3045a40784bc97d6d
Analyzer Verdict Alert fortinet Phishing
GET /images/t2-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 86560
Last-Modified: Fri, 15 Oct 2021 07:10:50 GMT
Connection: keep-alive
ETag: "6169297a-15220"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/t3-min.jpeg
128.1.44.155 200 OK 92 kB URL HTTP/1.1 h96.live/images/t3-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x300, components 3\012- data
Hash a5b8ae654c21f0a1c7d1bc8203d45855
c20c8dc53bdedb594d7b751e3ac41dd4b3c6acb8
b1e7b5343601bfa0f53908822a44e2df423d5e92df84c4714a9d776c3b4943be
Analyzer Verdict Alert fortinet Phishing
GET /images/t3-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 92001
Last-Modified: Fri, 15 Oct 2021 07:10:52 GMT
Connection: keep-alive
ETag: "6169297c-16761"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/t4-min.jpeg
128.1.44.155 200 OK 89 kB URL HTTP/1.1 h96.live/images/t4-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x300, components 3\012- data
Hash 2af26b49a22d2c5ce9750258054182fc
8a35e1eb6d131acdfb5da654dfb6f5323f8d1aa3
2f4faecacadb36602e32b5184e84040459a09586264356dd92c78fc3d142953d
Analyzer Verdict Alert fortinet Phishing
GET /images/t4-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 89052
Last-Modified: Fri, 15 Oct 2021 07:10:56 GMT
Connection: keep-alive
ETag: "61692980-15bdc"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq05.jpeg
128.1.44.155 200 OK 92 kB URL HTTP/1.1 h96.live/images/cq05.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=350, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], baseline, precision 8, 350x350, components 3\012- data
Hash 88fd30f3bf7110cb564ed12dfb04a1b8
6596343a9eafce7f1c94ffbf6faa9f0143a4b67c
8063268fb34132205cf47e96641435b2ce9e8cf97a160737ddc36418873d665c
Analyzer Verdict Alert fortinet Phishing
GET /images/cq05.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:23 GMT
Content-Type: image/jpeg
Content-Length: 92372
Last-Modified: Fri, 15 Oct 2021 07:10:06 GMT
Connection: keep-alive
ETag: "6169294e-168d4"
Expires: Sat, 15 Oct 2022 12:13:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/t5-min.jpeg
128.1.44.155 200 OK 97 kB URL HTTP/1.1 h96.live/images/t5-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x300, components 3\012- data
Hash c5b015b09f397cb8eb945b0e815fbaa9
7f804081f39418d7d2466a4a5d5e589c673daeb2
9b71b51fead412b68bccddfb9015f0fc3154bdfc75cc27b4ac4ede380a56c657
Analyzer Verdict Alert fortinet Phishing
GET /images/t5-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/jpeg
Content-Length: 97054
Last-Modified: Fri, 15 Oct 2021 07:11:00 GMT
Connection: keep-alive
ETag: "61692984-17b1e"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/logo.png
128.1.44.155 200 OK 26 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 947f09522b9aa94e504484d5c2dc5886
d66f7b93ba04139b61c53af6428f00f332a307fd
82eb953ba24cd42485449a09feb9b95b032d3cf886cb660aedef1793f62ba053
GET /images/logo.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/png
Content-Length: 25738
Last-Modified: Sat, 31 Jul 2021 07:01:06 GMT
Connection: keep-alive
ETag: "6104f532-648a"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/btn.gif
128.1.44.155 200 OK 52 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type GIF image data, version 89a, 300 x 133\012- data
Hash 8a54c77d6abb54203588a777ffc63465
28c4ca924ff1e9345f87380df9ed5b4a9bef9220
f9a330c35754440836a87d5385ba7f63c6790eeb75b709bdc259e5ea0b46c246
GET /images/btn.gif HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/gif
Content-Length: 52273
Last-Modified: Fri, 15 Oct 2021 12:42:48 GMT
Connection: keep-alive
ETag: "61697748-cc31"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/tag1.png
128.1.44.155 200 OK 1.6 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 102 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a0ab7bad2945fac4f5d32b6d1168ef47
8704729f53840a0f5377c4d943360b2e4680fb08
d93a86e425c2ca652cf756cef2d5da71adcf63bc1f0002c25bdaf5b6f34fcde8
GET /images/tag1.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/png
Content-Length: 1611
Last-Modified: Fri, 06 Aug 2021 22:37:40 GMT
Connection: keep-alive
ETag: "610db9b4-64b"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/distance.png
128.1.44.155 200 OK 942 B URL HTTP/1.1 h96.live/images/distance.png
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 109 x 33, 8-bit gray+alpha, non-interlaced\012- data
Hash 607df472d4f8b54cebe5078f8be892e3
dfb4ce1172c23cb39b485e59b1cea9466bd028ac
60d3cb7e330086a42300742b60c5d3d05179a7f3dcb64e128ac8ff4fea512033
GET /images/distance.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:24 GMT
Content-Type: image/png
Content-Length: 942
Last-Modified: Fri, 06 Aug 2021 22:37:40 GMT
Connection: keep-alive
ETag: "610db9b4-3ae"
Expires: Sat, 15 Oct 2022 12:13:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/trueuser.png
128.1.44.155 200 OK 4.0 kB URL HTTP/1.1 h96.live/images/trueuser.png
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 142 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 797b127d46195cac489380a2ca97b75c
ba453e8e43201a9879dd9b1479cc11a4802495ff
8a3bf2a08af8a6d1a0cf101eac5258f28354df8dc277ac78bcb1d3d682aafba6
GET /images/trueuser.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/png
Content-Length: 4017
Last-Modified: Fri, 06 Aug 2021 22:37:40 GMT
Connection: keep-alive
ETag: "610db9b4-fb1"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/online.png
128.1.44.155 200 OK 3.3 kB URL HTTP/1.1 h96.live/images/online.png
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 76 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b45a03d18880b0e02320404bf61ebce
3b44c2e6cec700ffa33d3d3709a76f1261f08278
3edbafa2cea753b60b798d3408d8cf57ca55f47fa5dc8ece186d2fe20636758c
GET /images/online.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/png
Content-Length: 3253
Last-Modified: Fri, 06 Aug 2021 22:37:40 GMT
Connection: keep-alive
ETag: "610db9b4-cb5"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/tag2.png
128.1.44.155 200 OK 3.3 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 102 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 497e22eecd1f97d346e2fe8f8a23929d
86bae70bb58c924724c0f5a4f9a1f3b20957e5b7
190f75981b6b8e458311b43fe3de31fea6435caa9344c8775f941c196875b471
GET /images/tag2.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/png
Content-Length: 3284
Last-Modified: Fri, 06 Aug 2021 22:37:40 GMT
Connection: keep-alive
ETag: "610db9b4-cd4"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/tag3.png
128.1.44.155 200 OK 2.0 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 102 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 27db22d1e321f34f220ff7319fa12e35
f793e744ea0f48677057cff2b99057bd98aaf194
22b26a5a4f2122e973a3e6704d0882541bdb2b5e731986f61715f04bd09c7809
GET /images/tag3.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/css/m.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/png
Content-Length: 1957
Last-Modified: Fri, 06 Aug 2021 22:37:40 GMT
Connection: keep-alive
ETag: "610db9b4-7a5"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/down-btn.png
128.1.44.155 200 OK 994 B URL HTTP/1.1 h96.live/images/down-btn.png
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 24 x 24, 16-bit gray+alpha, non-interlaced\012- data
Hash 1f42e2618af55703def6cba54c50ae6e
421b81adf63bedd46c86716aeee1a2c89f4c7b88
7c817733bd5c9110f68fa57add13a9757236473d970da9c2d3364f6435313a36
GET /images/down-btn.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/png
Content-Length: 994
Last-Modified: Thu, 16 Sep 2021 07:21:20 GMT
Connection: keep-alive
ETag: "6142f070-3e2"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/help.png
128.1.44.155 200 OK 1.1 kB IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type PNG image data, 24 x 24, 16-bit gray+alpha, non-interlaced\012- data
Hash 23aa21aa35e019fe4188818f181079ae
3dd7ae59dc97369ad296097be2a4ab09bf8aaac6
115dbbf99aeed4228898cf4b2f302e3b7e452a271eddea96ac4c32bc95922205
GET /images/help.png HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/png
Content-Length: 1078
Last-Modified: Thu, 16 Sep 2021 07:20:20 GMT
Connection: keep-alive
ETag: "6142f034-436"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq07.jpeg
128.1.44.155 200 OK 83 kB URL HTTP/1.1 h96.live/images/cq07.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=313, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=259], baseline, precision 8, 259x313, components 3\012- data
Hash e8d911d10c7fc87c8489b1582683df99
1a0dc03b6691afdcdf16fa25f28c395f10f0bbd2
223daf611fd89b632a7ce36cbbbc672a1c0b265ee5ac6c89c48d629be647111a
Analyzer Verdict Alert fortinet Phishing
GET /images/cq07.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/jpeg
Content-Length: 82579
Last-Modified: Fri, 15 Oct 2021 07:10:12 GMT
Connection: keep-alive
ETag: "61692954-14293"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq08.jpeg
128.1.44.155 200 OK 78 kB URL HTTP/1.1 h96.live/images/cq08.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=313, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=259], baseline, precision 8, 259x313, components 3\012- data
Hash 852471279960ebcd1cbcf258019ca3b7
956dc4472ab527d7920a62a65d25937acedf4fdf
4223a44969261fc5e1414d95700a3b0010a0beed044504ab7c93fc0cf28bf566
Analyzer Verdict Alert fortinet Phishing
GET /images/cq08.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/jpeg
Content-Length: 77793
Last-Modified: Fri, 15 Oct 2021 07:10:16 GMT
Connection: keep-alive
ETag: "61692958-12fe1"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq09.jpeg
128.1.44.155 200 OK 72 kB URL HTTP/1.1 h96.live/images/cq09.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=313, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=259], baseline, precision 8, 259x313, components 3\012- data
Hash 1a29969a2683accee9237ceee325345a
0b71431ece5dc6e29a2af3eb0c4a6739c8d893a7
636121081aacfb73fc9cf89938fb985d8d7897ca0a4fb9c8e2d601d33742c84e
Analyzer Verdict Alert fortinet Phishing
GET /images/cq09.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/jpeg
Content-Length: 72035
Last-Modified: Fri, 15 Oct 2021 07:10:18 GMT
Connection: keep-alive
ETag: "6169295a-11963"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/cq10.jpeg
128.1.44.155 200 OK 87 kB URL HTTP/1.1 h96.live/images/cq10.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=313, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=259], baseline, precision 8, 259x313, components 3\012- data
Hash c762748c86a09a0a469f4813b2bfc96a
c65566358cb0ab6ca0be0b7fcb3da4f4ed5a42ab
eaf22aa93b2126bf40be44bcea7b8252bc353818e7b8bc0bdc075816f2779915
Analyzer Verdict Alert fortinet Phishing
GET /images/cq10.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/jpeg
Content-Length: 87101
Last-Modified: Fri, 15 Oct 2021 07:10:22 GMT
Connection: keep-alive
ETag: "6169295e-1543d"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/images/5-min.jpeg
128.1.44.155 200 OK 187 kB URL HTTP/1.1 h96.live/images/5-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=491, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=654], baseline, precision 8, 654x491, components 3\012- data
Size 187 kB (186838 bytes)
Hash 9a8a990a9906cf0a13c541492003190e
aa6628d452f45460a07d9b264d60387db7bd27b9
f84ba35caf90fecaafdac3288c5b20b033345850afc2d92224145c5e43dc5595
Analyzer Verdict Alert fortinet Phishing
GET /images/5-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/jpeg
Content-Length: 186838
Last-Modified: Fri, 15 Oct 2021 07:05:34 GMT
Connection: keep-alive
ETag: "6169283e-2d9d6"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
h96.live/favicon.ico
128.1.44.155 404 Not Found 146 B IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
h96.live/images/6-min.jpeg
128.1.44.155 200 OK 176 kB URL HTTP/1.1 h96.live/images/6-min.jpeg
IP 128.1.44.155:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=491, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=654], baseline, precision 8, 654x491, components 3\012- data
Size 176 kB (175934 bytes)
Hash cfe74a0f80e00df1f35f672bd7bfcdf3
87506a8886eeb6d63e5e750bf0418ef3c624b6b9
46087fd6269614fa03e8295ba077202299222cad4ee1d030e78d30c4110d8349
Analyzer Verdict Alert fortinet Phishing
GET /images/6-min.jpeg HTTP/1.1
Host: h96.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://h96.live/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 12:13:25 GMT
Content-Type: image/jpeg
Content-Length: 175934
Last-Modified: Fri, 15 Oct 2021 07:05:38 GMT
Connection: keep-alive
ETag: "61692842-2af3e"
Expires: Sat, 15 Oct 2022 12:13:25 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes