Report - www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php

Report Overview

Submitted URL
www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
IP
160.124.198.235
ASN
#132839 POWER LINE DATACENTER
Submitted
2023-06-09 10:52:07
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s2.loli.net	100401	2011-05-28	2021-12-08	2023-06-09	1.3 kB	119 kB	104.26.0.190
ky891.oss-cn-shenzhen.aliyuncs.com	unknown	2012-04-01	2023-01-01	2023-06-09	447 B	315 kB	120.78.115.62
js.users.51.la	53024	2005-01-17	2012-05-30	2023-06-09	405 B	5.2 kB	42.236.73.41
ia.51.la	59607	2005-01-17	2017-10-31	2023-06-09	2.1 kB	71 B	42.236.73.39
kjimg10.360buyimg.com	unknown	2009-09-10	2022-11-25	2023-06-09	1.5 kB	2.5 MB	121.226.246.3
static.qwahk.com	unknown	2022-10-15	2022-11-07	2023-06-09	425 B	187 kB	154.39.80.49
uu8658uu.com	unknown	2023-04-18	2023-04-18	2023-06-09	447 B	104 kB	103.170.15.88
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	2012-04-01	2022-06-01	2023-06-09	447 B	346 kB	120.78.115.86
tupian.baitu1llbkotsfthllcjeg.com	unknown	2023-04-11	2023-04-17	2023-06-09	452 B	973 kB	172.67.197.54
img.1266999.com	unknown	2023-01-05	2023-02-16	2023-06-09	449 B	200 B	103.166.246.24
img.mengzhan28.top	unknown	2023-04-10	2023-05-08	2023-06-09	2.6 kB	3.6 MB	172.67.68.155
88885aaa.com	unknown	2022-11-20	2022-11-25	2023-06-09	447 B	50 kB	103.170.15.91
aaaaa866.com	unknown	2023-03-26	2023-04-04	2023-06-09	447 B	68 kB	103.170.15.81
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23	2023-06-09	714 B	3.9 kB	104.18.21.226
8388tp.com	unknown	2023-03-28	2023-03-28	2023-06-09	422 B	61 kB	162.250.140.188
aaaaa366.com	unknown	2023-03-26	2023-04-08	2023-06-09	447 B	611 kB	103.170.15.88
xo.imgwawawa.vip	unknown	2023-06-05	2023-06-05	2023-06-09	860 B	1.1 MB	162.250.140.99
uu3531uu.com	unknown	2023-04-18	2023-04-18	2023-06-09	447 B	684 kB	103.170.15.76
uu9665uu.com	unknown	2023-04-18	2023-04-28	2023-06-09	894 B	1.2 MB	103.170.15.106
ocsp.buypass.com	157566	2004-08-13	2017-01-30	2023-06-09	330 B	2.3 kB	23.36.76.129
uu2722uu.com	unknown	2023-04-18	2023-04-18	2023-06-09	447 B	55 kB	103.170.15.72
aaaaa662.com	unknown	2023-03-26	2023-04-01	2023-06-09	447 B	845 kB	103.170.15.88
uu6873uu.com	unknown	2023-04-18	2023-04-29	2023-06-09	447 B	34 kB	103.170.15.88
lxbd2.com	unknown	2023-05-27	2023-05-27	2023-06-09	444 B	58 kB	172.83.155.45
	unknown				404 B	221 B	0.0.0.0
ocsp.trust-provider.cn	unknown	2015-04-09	2022-02-10	2023-06-09	336 B	1.5 kB	47.246.44.205
ocsp.digicert.cn	37572	2006-01-24	2020-03-20	2023-06-09	660 B	1.9 kB	47.246.44.205
img.6561a.com	unknown	2022-12-12	2023-01-12	2023-06-09	461 B	200 B	103.166.246.24
aa887799aa.com	unknown	2023-05-23	2023-05-25	2023-06-09	449 B	962 kB	103.170.15.96
3p8801.co	unknown	2022-07-04	2022-07-05	2023-06-09	422 B	380 kB	142.4.117.122
cdn.staticfile.org	46426	2013-03-29	2013-08-23	2023-06-09	418 B	81 kB	47.246.44.211
img.1382a.xyz	unknown	2023-05-10	2023-06-01	2023-06-09	447 B	200 B	103.166.246.24
uu5512uu.com	unknown	2023-04-18	2023-04-18	2023-06-09	447 B	394 kB	103.170.15.72
www.hntv1165.top	unknown	unknown	No data	No data	8.9 kB	3.7 MB	104.21.45.230
img.lytuchuang13.com	unknown	2023-04-29	2023-04-29	2023-06-09	14 kB	2.4 MB	154.12.54.75
si1.go2yd.com	325918	2013-12-16	2017-02-02	2023-06-09	433 B	118 kB	163.171.140.79
shouptt.cn	unknown	2023-05-12	2023-05-30	2023-06-09	421 B	625 kB	218.66.171.11
1cdn.8b4v.cn	unknown	2020-06-19	2023-04-13	2023-06-09	848 B	648 kB	220.200.129.225
u1055.com	unknown	2018-07-18	2021-02-01	2023-06-09	444 B	66 kB	103.170.15.36
oss-cn-shenzhen.aliyun06062023.com	unknown	2023-06-05	2023-06-05	2023-06-09	450 B	158 kB	172.247.170.197
23-download8868.oss-cn-hongkong.aliyuncs.com	unknown	2012-04-01	2023-05-27	2023-06-09	484 B	489 kB	47.56.33.53
dvcasha2.ocsp-certum.com	71753	2013-12-19	2014-11-27	2023-06-09	338 B	1.9 kB	23.36.79.17
uu6967uu.com	unknown	2023-04-18	2023-04-29	2023-06-09	447 B	235 kB	103.170.15.76
www.needtakehave.com	unknown	2022-11-07	2015-12-09	2023-06-07	1.8 kB	3.7 kB	160.124.198.235
sycdn.pic-726-baidu.com	unknown	2022-08-03	2022-08-04	2023-06-09	1.8 kB	56 kB	104.22.28.157
img.1181999.com	unknown	2023-01-05	2023-02-24	2023-06-09	449 B	200 B	103.166.246.24
img.230579.top	unknown	2023-03-28	2023-04-01	2023-06-09	448 B	200 B	103.166.246.24
img.8578a.com	unknown	2022-12-12	2022-12-22	2023-06-09	447 B	200 B	103.166.246.24
u1010.com	unknown	2018-07-18	2017-03-05	2023-06-09	444 B	93 kB	103.170.15.36
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-09	5.9 kB	17 kB	104.18.15.101
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-09	1.8 kB	9.5 kB	104.18.21.226
sta2.imgclh.com	unknown	2023-01-19	2023-02-06	2023-06-09	450 B	142 kB	172.67.197.136
uu3233uu.com	unknown	2023-04-18	2023-04-18	2023-06-09	447 B	373 kB	103.170.15.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-09 10:51:48	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-09	medium	baitu1llbkotsfthllcjeg.com

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.tz26.xyz:6188/n.js	1.4 kB	2023-06-09	2023-06-09
Pretty URL www.tz26.xyz:6188/n.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:52:15 Last Seen2023-06-09 12:52:15 Times Seen1 Hash e38b9560fdd40158dc7e014bb14d8250 2427b2e3b0f013e1c267f0bad54796daf8f3de92 0132c6140a1b471659acf4dbe84c3fbac7c03b7ebd72053565239308ae23e59e Loading...

	cdn.staticfile.org/jquery/1.9.1/jquery.js	268 kB	2023-03-07	2024-04-25
Pretty URL cdn.staticfile.org/jquery/1.9.1/jquery.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:57 Last Seen2024-04-25 09:12:40 Times Seen43953 Hash 08c235d357750c657ac1db7d1cf656a9 9257afd2d46c3a189ec0d40a45722701d47e9ca5 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Loading...

	www.hntv1165.top/template/yyys2/js/jquery.config.js	5.2 kB	2023-03-08	2024-04-16
Pretty URL www.hntv1165.top/template/yyys2/js/jquery.config.js IP 104.21.45.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:28 Last Seen2024-04-16 23:49:24 Times Seen941 Hash f5dce512c007be323c536d388c10e40c 9fb3e222cd62db07f778231bd94e581682aaa7f5 ae14c6da269ef9b4258cb9b0deed4775d763c6bec8b108c877531ae74fc0a632 Loading...

	www.hntv1165.top/	610 B	2023-06-02	2023-06-21
Pretty URL www.hntv1165.top/ IP 104.21.45.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 22:32:07 Last Seen2023-06-21 16:10:00 Times Seen45 Hash e9fe3679b1b30071efa632b979f430cb 8bbbd202232c542c26a2d90c19295cf96469a447 db70757cccb4f1b2d39724c06a808e1c8dfef0d373cae28439064510f87b4916 Loading...

	www.hntv1165.top/	606 B	2023-06-01	2023-06-09
Pretty URL www.hntv1165.top/ IP 104.21.45.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:45:24 Last Seen2023-06-09 12:52:15 Times Seen16 Hash c869366aae6017f65f6b940ca59f5981 0c3738e320a82c54f066c582855536df83eef785 d9a557c6490a01cf981f95f1a3c3b08267b88dee63d7e686b96250f9de2c5d1a Loading...

	www.hntv1165.top/template/yyys2/common.js	788 B	2023-05-08	2023-07-13
Pretty URL www.hntv1165.top/template/yyys2/common.js IP 104.21.45.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 10:51:44 Last Seen2023-07-13 15:39:22 Times Seen54 Hash f448b2b4c4e8f4f01b57ad036283fb22 c8f08dbcd0e23d7ee7685e27ba6afba8b98e2849 c60468e9e6b2988dc71be254905c7b8ac2aa9abedcf3f605a12816fb5d0c7c5e Loading...

	www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php	48 B	2023-06-09	2023-09-26
Pretty URL www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php IP 160.124.198.235 ASN #132839 POWER LINE DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-09 12:52:12 Last Seen2023-09-26 14:15:28 Times Seen10 Hash cfea61ba29d0041eb24107660f53b90e 0c8b927fdac8fcb40b967b2078ea26112451bbdd 627363973867abc25a237670dd488f52741f7dcbed74a167a692c59bb0212695 Loading...

	www.needtakehave.com/common.js	1.1 kB	2023-03-25	2023-08-25
Pretty URL www.needtakehave.com/common.js IP 160.124.198.235 ASN #132839 POWER LINE DATACENTER Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:47:18 Last Seen2023-08-25 08:20:55 Times Seen825 Hash 66727ff0dfbb60524ea3558215acb178 ffb76bb5d96ade10e2d28bb03f01f8343758482e e25fb87e42cbff74ec7a4830aa7dcb8cbec882250139e1c933109960f397d87e Loading...

	www.hntv1165.top/	202 B	2023-03-07	2024-01-01
Pretty URL www.hntv1165.top/ IP 104.21.45.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10:40 Last Seen2024-01-01 01:06:39 Times Seen346 Hash c569aedb041eaad794e78047277d8d6d 429a894aa55498dfdd90754e6502f82948379510 5fbadbed9e9fe834f625973f34de90e394da033b191840ec699219b54ada8ea1 Loading...

	js.users.51.la/21298467.js	4.9 kB	2023-05-06	2024-04-18
Pretty URL js.users.51.la/21298467.js IP 42.236.73.41 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 05:54:51 Last Seen2024-04-18 13:04:23 Times Seen2203 Hash cf0fa295a09a1e451b762bb63884d803 32744a117ddadc60307681be5c3766b3ada42247 5b8446744df0dd22d70240458e29421e3e06b448bb04e9db96e98405fd9b719f Loading...

	www.needtakehave.com/tj.js	527 B	2023-06-09	2023-09-26
Pretty URL www.needtakehave.com/tj.js IP 160.124.198.235 ASN #132839 POWER LINE DATACENTER Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:52:12 Last Seen2023-09-26 14:15:28 Times Seen22 Hash 2900162af1ae7e07b2afd8502cc7b273 b18266f51858cd1c454bc287f06d17880bfe5fc7 d2c4389aa9188b3bb5a7e8891c35e534e673b911a32d4ff919cbeb41d719c98c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 78974013ce3e503d2f6cbbc048562824	386 B	2023-06-09	2023-06-09
Pretty Observations First Seen2023-06-09 12:52:15 Last Seen2023-06-09 12:52:15 Times Seen1 Hash 78974013ce3e503d2f6cbbc048562824 80f9b35f3ec68c511eaead567648227a4635396c 5a26e10fb63ebfc728ee7c9bbc06e610e1134e3665332e55492924c653b1f789 Loading...

		Size	First Seen	Last Seen
	#1 Write - c7f0cfcf9a13819e906781ed0ea840af	322 B	2023-06-01	2023-06-09
Pretty Observations First Seen2023-06-01 09:45:24 Last Seen2023-06-09 12:52:15 Times Seen16 Hash c7f0cfcf9a13819e906781ed0ea840af bcc77bfc0426340cf05e5c1df22fead78af1f2c8 5a40bbe714f9cc392f8e77523050122a91c9ce452d0cba809e58fb4af734dada Loading...

	#2 Write - 409fe44ab76562bf066f8cdd4119ec5a	99 B	2023-03-25	2023-08-25
Pretty Observations First Seen2023-03-25 23:47:18 Last Seen2023-08-25 08:20:55 Times Seen448 Hash 409fe44ab76562bf066f8cdd4119ec5a a80d707c6c63bdfd530e4d58663771da626cb0c1 cb0ce445e4d410846d9b030ab0c18fc1aa371c590298aef575769dbcd5e36f9f Loading...

	#3 Write - 695d63536011ae576b0c00cb78f4a300	367 B	2023-06-09	2023-06-09
Pretty Observations First Seen2023-06-09 12:52:15 Last Seen2023-06-09 12:52:15 Times Seen1 Hash 695d63536011ae576b0c00cb78f4a300 be96de5c6660ec5fff5e232354e7a14e13f2748e 89dfc1e8febe28793a319f4c5788bb6748ceab4f731580ed64a14fa7c100d24c Loading...

	#4 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 06:49:25 Times Seen3761 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#5 Write - 028d82b2b1708c30d21a5d931a66829f	326 B	2023-06-02	2023-06-21
Pretty Observations First Seen2023-06-02 22:32:07 Last Seen2023-06-21 16:10:00 Times Seen45 Hash 028d82b2b1708c30d21a5d931a66829f b5b858e53e4a29fe5a3b1c57bca84f45dc4dfce6 02a8f23205ac67f52d27e7ea1dd5a5651f9c57b0d9be49da55017c43b1f55fc6 Loading...

HTTP Transactions (141)

URL IP Response Size

www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php

160.124.198.235

200 OK

632 B

URL User Request GET HTTP/1.1
www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
IP
160.124.198.235:80
ASN
#132839 POWER LINE DATACENTER

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (950), with CRLF line terminators
Size
632 B (632 bytes)
Hash
0dbc7c3b1814289575662bec135f1a2f
b4b5dd96386ad4d4738fa608529e669ca267437b
1bd88bba7ec37e41f0e72f19f348e585f2bdc4a4e8b35602de45f81e891eb7e3

HTTP Headers

GET /darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.needtakehave.com/tj.js

160.124.198.235

200 OK

527 B

URL GET HTTP/1.1
www.needtakehave.com/tj.js
IP
160.124.198.235:80
ASN
#132839 POWER LINE DATACENTER

Requested by
http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php

File type
ASCII text, with CRLF line terminators
Size
527 B (527 bytes)
Hash
2900162af1ae7e07b2afd8502cc7b273
b18266f51858cd1c454bc287f06d17880bfe5fc7
d2c4389aa9188b3bb5a7e8891c35e534e673b911a32d4ff919cbeb41d719c98c

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:40:54 GMT
Content-Type: application/x-javascript
Content-Length: 527
Connection: keep-alive

www.needtakehave.com/common.js

160.124.198.235

200 OK

488 B

URL GET HTTP/1.1
www.needtakehave.com/common.js
IP
160.124.198.235:80
ASN
#132839 POWER LINE DATACENTER

Requested by
http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php

File type
ASCII text, with very long lines (1070), with no line terminators
Size
488 B (488 bytes)
Hash
66727ff0dfbb60524ea3558215acb178
ffb76bb5d96ade10e2d28bb03f01f8343758482e
e25fb87e42cbff74ec7a4830aa7dcb8cbec882250139e1c933109960f397d87e

HTTP Headers

GET /common.js HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:40:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.trust-provider.cn/

47.246.44.205

599 B

URL
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
599 B (599 bytes)
Hash
5b9eafe11bc0907078797c294779f4bf
b15e95dfd6d3678348647c732c206387e709f9e9
63ae7b20a78bf49778cfdb184d7b7ef3751f5d506ab1877ead04464c8eb8ffb7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 09 Jun 2023 10:51:43 GMT
last-modified: Tue, 06 Jun 2023 18:48:49 GMT
expires: Tue, 13 Jun 2023 18:48:48 GMT
etag: "b15e95dfd6d3678348647c732c206387e709f9e9"
cache-control: max-age=584360,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7d48d22b68c81c2e-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1686307903
via: cache21.l2de2[32,32,304-0,M], cache3.l2de2[34,0], cache2.se1[0,0,200-0,H], cache3.se1[1,0], cache3.se1[3,0]
age: 5
x-cache: HIT TCP_MEM_HIT dirn:3:155186753
x-swift-savetime: Fri, 09 Jun 2023 10:51:43 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9716863079087005883e, 2ff62c9716863079087005883e

www.needtakehave.com/favicon.ico

160.124.198.235

200 OK

1.2 kB

URL GET HTTP/1.1
www.needtakehave.com/favicon.ico
IP
160.124.198.235:80
ASN
#132839 POWER LINE DATACENTER

Requested by
http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:40:56 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 26 Apr 2023 07:40:56 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

ocsp.digicert.cn/

47.246.44.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
2a7d8fc28f82e78218a05fe3c6391ed7
248c6dbf79a661069233863065736e94e2375532
fea9c66afdb9284687586e7b8fd964c7dbe597522c5ade3aa8bf914b899291ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 09 Jun 2023 10:51:50 GMT
Ali-Swift-Global-Savetime: 1686307910
Via: cache5.l2de2[51,51,200-0,M], cache5.l2de2[52,0], cache1.se1[74,73,200-0,M], cache1.se1[76,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 09 Jun 2023 10:51:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516863079099601346e

cdn.staticfile.org/jquery/1.9.1/jquery.js

47.246.44.211

200 OK

80 kB

URL GET HTTP/1.1
cdn.staticfile.org/jquery/1.9.1/jquery.js
IP
47.246.44.211:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://www.hntv1165.top/
Certificate
IssuerDigiCert Inc
Subject*.staticfile.org
FingerprintF3:77:67:81:E3:F1:30:9E:CC:CE:EB:B9:2B:C0:7B:08:AE:D4:60:15
ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
80 kB (80123 bytes)
Hash
08c235d357750c657ac1db7d1cf656a9
9257afd2d46c3a189ec0d40a45722701d47e9ca5
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

HTTP Headers

GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Thu, 08 Jun 2023 18:03:56 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: _coAAABc9wwcwWYX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1686247436
Via: cache15.l2de2[0,0,304-0,H], cache3.l2de2[0,0], cache7.se1[0,0,200-0,H], cache8.se1[1,0]
Content-Encoding: gzip
Age: 60474
X-Cache: HIT TCP_MEM_HIT dirn:5:293755473
X-Swift-SaveTime: Thu, 08 Jun 2023 18:09:55 GMT
X-Swift-CacheTime: 86041
Timing-Allow-Origin: *
EagleId: 2ff62c9c16863079101411588e

www.hntv1165.top/template/yyys2/images/1.gif

104.21.45.230

200 OK

254 B

URL GET HTTP/3
www.hntv1165.top/template/yyys2/images/1.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/yyys2/images/1.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmH3SU3VsvvSMjcf7Y1gkEsXytAMkYz4OdK%2BKVA%2Bam8lalhai7Q871RzWgznUQhUV5ewJZHfT85D4IyBfAZgWtnsnIfT4qgYrdJW5ImxNbr%2Fp35sFNELonRvCwXgiRozymQ7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255a87d0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/tp/yptp/y2.gif

104.21.45.230

200 OK

38 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/yptp/y2.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
38 kB (38353 bytes)
Hash
150b3bb2746e620658ec5323aaada6c8
0df82e55e47ca0fac1e8f10ed4c392de5adae684
a5ccd7fe72760b5ab08a158d5e9ae1df4c2304796ee4c8b8a143f360d1604fd7

HTTP Headers

GET /template/yyys2/tp/yptp/y2.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 38353
last-modified: Sun, 26 Jun 2022 16:40:34 GMT
etag: "62b88c02-95d1"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MasV0mm8Go%2BUDyTqhWnnEOWeJglm%2BAQUtm5bsUPrzGemxuOZIkJHoQ%2Fv4j3ITYiGXryfSXnVzUWy8V8TkEp1gNQQTGYf%2BeMAePZuu1rz0q5ABkxNdkAB%2BbG0o3B3y%2BVGqBNo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255c89e0b3d-OSL
alt-svc: h3=":443"; ma=86400

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4e30f2af34429b31f872c61f2e2e8d60
4d96080535b8b5d67be4e85255de300ac345c39b
9a0def06706039c55c17274bcb950311daff31022b45ce123d3dec3f3d76140e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 16:19:56 GMT
Expires: Wed, 14 Jun 2023 16:19:55 GMT
Etag: "4d96080535b8b5d67be4e85255de300ac345c39b"
Cache-Control: max-age=451084,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d2585a9ffabc-OSL

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d447a7f0eac0a7d2f775670c2262e539
3889f8c509061daef7af6a5faae8b68d2d5555b3
76aa2d71177dd5f4e1fe10ad8a2cadfbbc031deea4ef2929379a24054524da33

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 13:19:52 GMT
Expires: Tue, 13 Jun 2023 13:19:51 GMT
Etag: "3889f8c509061daef7af6a5faae8b68d2d5555b3"
Cache-Control: max-age=353880,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d2586bd6b51e-OSL

www.hntv1165.top/template/yyys2/images/video-mask.png

104.21.45.230

200 OK

107 B

URL GET HTTP/3
www.hntv1165.top/template/yyys2/images/video-mask.png
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/yyys2/images/video-mask.png HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/template/yyys2/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiFBbwIlL4tknXG4ALYkR%2BJx3O4auN1TR9T6CE3PuhPDCeu5RYvogdCd%2BYmCsUPm0W0LzoXingHT65kaTCVnt8OlpFTmhR6TEEWyhYJJfkqq6HELuKj%2F%2Fppog98D539qmp8a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d257fafe0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/images/video-play.png

104.21.45.230

200 OK

1.6 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/images/video-play.png
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/yyys2/images/video-play.png HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/template/yyys2/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YstUN8DvvPHz%2FT34bnJnW%2FgmuBuByDAAvIoq%2B9qnrrtyMZ%2FXpRXA5FDJYaiAKKiYBgrjri3XK93sshXcopFGlMRFt9Umkux58uaIU3NlNwBr6IoXj46WixxOucIwGAzeF%2Brj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d2580b0d0b3d-OSL
alt-svc: h3=":443"; ma=86400

s2.loli.net/2023/05/31/TasOeNKw3Pd4kpq.jpg

104.26.0.190

200 OK

36 kB

URL GET HTTP/2
s2.loli.net/2023/05/31/TasOeNKw3Pd4kpq.jpg
IP
104.26.0.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 602x401, components 3\012- data
Size
36 kB (36326 bytes)
Hash
a06f7570d766e103bd6b7a2e8f7e282d
7743d4a99e2a9d31087cf0ac7ea6e24b8ea02d48
fc760678ae416445a237f11ea518c27e7836f7a4c0870ae8776b3ad3004b706a

HTTP Headers

GET /2023/05/31/TasOeNKw3Pd4kpq.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/jpeg
content-length: 36326
last-modified: Wed, 31 May 2023 11:03:25 GMT
etag: "6477297d-8de6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kmszk84lqZwKbvQoH2X7VUS7jf1SHpCmWrdGLTia9VravvcQp3s7f0TLFu3G1XMkzdejspoo%2FOo2GueAPbXREnHZL8Mfq6wuzD4NBp%2B7M1dHWbzSXWMUpyFOgUz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d2579c73b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.hntv1165.top/template/yyys2/tp/zbdtp/a1.gif

104.21.45.230

200 OK

70 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/zbdtp/a1.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
70 kB (69896 bytes)
Hash
70b900242fdade2c9b1be5742d96f0f0
a5d5f1d689289683caccb6552356be7759051cab
8a9c1d22ef7b0c76959e0be485db3db50fe2fcec85e77286124a0d842951e1c1

HTTP Headers

GET /template/yyys2/tp/zbdtp/a1.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 69896
last-modified: Sun, 26 Jun 2022 16:41:40 GMT
etag: "62b88c44-11108"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJYxHwix%2F3%2BouBtmInsv0zpSdCTAw9ORGCh%2BKhW5hR2mx7mIw5c6uFbBvVWRYzqbEv2z3IaYkYSXJ4kobbIs8HigCQuUmDIacVg8NpplCKIEw21OL2gRommnWOnpxdTdB7ib"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d25588550b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/tp/zbdtp/a4.gif

104.21.45.230

200 OK

86 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/zbdtp/a4.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 640 x 200\012- data
Size
86 kB (86199 bytes)
Hash
2fb46fbac4465a3915ee2482b2223c25
6bb17db9f8c5517bfe21f4a54480c3fec3629adb
56eed647be7230eb7ba9fd7f3cee377e9636395207e26479ba10de9cecf8f637

HTTP Headers

GET /template/yyys2/tp/zbdtp/a4.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 86199
last-modified: Sun, 26 Jun 2022 16:41:40 GMT
etag: "62b88c44-150b7"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjsr108OwEcgABBtO8X3PwqRJt2fyYuucg9scFAsnFRYZ48MFuyGkILny8htvFDahfGemtM%2BWN5uXcQ%2FiaY8Bw29HFkHHwTla6Ae5FL4dwxNtegsxPbYCNkO2NPi%2FcyMX6zr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255a87a0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/tp/yptp/y3.gif

104.21.45.230

200 OK

67 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/yptp/y3.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
67 kB (66982 bytes)
Hash
e0f20c3626cccf9e26c0d8969d2032f8
5b076b7a6a320d326920affcb3945737ef7e91e3
da30a87446a82d8a33d0ef3b40665bfa5396b98f9029e636b2f8517655475bbc

HTTP Headers

GET /template/yyys2/tp/yptp/y3.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 66982
last-modified: Sun, 26 Jun 2022 16:40:36 GMT
etag: "62b88c04-105a6"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3Vka8%2BBTxb41LvMlAR%2B57oxOSv6Jfi3K6J4V06VAySoTZjDM%2BGr4L669MOiSaEUXLeHJSbe6PRPPPrZHlEdgrlCkhJCvqvWyT8Nl9TxPpXrR%2BID6Y4%2FGu%2BcuQk0B7Lh84Zc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255c8960b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/tp/yptp/y1.gif

104.21.45.230

200 OK

105 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/yptp/y1.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
105 kB (105007 bytes)
Hash
8addcd5a8672c743ab9d7c3728939025
ec5378c74c297e54484cf0f6e955cb27fe036b05
9a9675e295a3047370252c4fa1323fbcd71d8357e22d74b1cbed41178f76e2c3

HTTP Headers

GET /template/yyys2/tp/yptp/y1.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 105007
last-modified: Sun, 26 Jun 2022 16:40:34 GMT
etag: "62b88c02-19a2f"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5GlGpvm%2Bkao2fUH8%2BGuVKYMhR1AdXArJLTYJZDz63eUe67aGoQZbgp5NL5EGwd0c%2FE77jNxgpL6Vu%2BsfcUYfTuae4o90IMjfE1xxZWYrtxRmTrFSFRBw2z151%2F57CPprxwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255885f0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/tp/yptp/y4.gif

104.21.45.230

200 OK

135 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/yptp/y4.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 650 x 200\012- data
Size
135 kB (134963 bytes)
Hash
49ebeb91c6dbf5eaf2e519a85e6156ca
6c5f849fd2a5593f0c1e04d0d45249d221a5bcb4
8af438fa2e1adfe8be24973c3b497bbf5b3205357dd6832701dedfbcb0c90c2f

HTTP Headers

GET /template/yyys2/tp/yptp/y4.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 134963
last-modified: Sun, 26 Jun 2022 16:40:38 GMT
etag: "62b88c06-20f33"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gAvdutgV9QZ0aeiIXtmw%2BJxh5R2Q%2BQbwoDwNTTZlUsPrSktxrT7kDBCHs246XGJul46Wfsd5o1QlNR0Kc4aR3BHm6qT0imiq9dE8KmevkbeXdWqihrmxXoeK%2F6G9qO6WOK8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d25598640b3d-OSL
alt-svc: h3=":443"; ma=86400

img.6561a.com/images/645b3c7bc5a14fc705204f63.gif

103.166.246.24

302 Found

0 B

URL GET HTTP/2
img.6561a.com/images/645b3c7bc5a14fc705204f63.gif
IP
103.166.246.24:443
ASN
#51649 Neko LLC.

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject6561a.com
Fingerprint5C:FF:E2:71:DB:D3:C9:8F:2E:91:91:E7:7F:8F:90:84:52:EA:50:F3
ValidityTue, 28 Mar 2023 11:55:26 GMT - Mon, 26 Jun 2023 11:55:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/645b3c7bc5a14fc705204f63.gif HTTP/1.1
Host: img.6561a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/d8/a4/644266c636794e73e7a3d8a4.gif
X-Firefox-Spdy: h2

www.hntv1165.top/template/yyys2/tp/zbdtp/a2.gif

104.21.45.230

200 OK

612 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/zbdtp/a2.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 640 x 150\012- data
Size
612 kB (611850 bytes)
Hash
6ed3dcf7e739969e0d5460b5f07e661f
1954523b227b8fa235e3eed0948749ae7af2f9f5
f97cf559b37c6f33ecef4712c699e88217c64aa85abbf919fa772daaf3a49e0a

HTTP Headers

GET /template/yyys2/tp/zbdtp/a2.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 611850
last-modified: Sun, 26 Jun 2022 15:29:12 GMT
etag: "62b87b48-9560a"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic0p3dPk95RTYgpjZR3cCBXm%2BlJZRGRXqz31odAly6SOmBR5KSRd5V3lo1t2HcyRZrGKH0CHXH7EOoUJHYvL97hFRPhznD1%2FLlFaOu10eeUvIr0Jg4K4WlZoB0SXMdGvKR00"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255c8a00b3d-OSL
alt-svc: h3=":443"; ma=86400

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ad2d81fc8f9b6e3a222fef56c6e1b133
ec25518bc3668d303fac49863e1231420b0b899d
cd619d9c9f463d62f6e1737c6355b01257b9bbb9bab9d4463539c3deefa1beaf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 11:21:56 GMT
Expires: Wed, 14 Jun 2023 11:21:55 GMT
Etag: "ec25518bc3668d303fac49863e1231420b0b899d"
Cache-Control: max-age=433391,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d25c6ebafabc-OSL

www.hntv1165.top/template/yyys2/tp/zbdtp/a3.gif

104.21.45.230

200 OK

691 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/zbdtp/a3.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 640 x 200\012- data
Size
691 kB (691201 bytes)
Hash
e777fbf270544cb526b587f6c9e7b370
d2c75be6512b6a1279e91d5d6d99fa18920ef878
13a0a7ac347346c7bf57699606465257d349ff14861dfa911ef397bfcbda91b2

HTTP Headers

GET /template/yyys2/tp/zbdtp/a3.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 691201
last-modified: Sun, 26 Jun 2022 15:29:18 GMT
etag: "62b87b4e-a8c01"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41A3Umq693fbT3ytXoqpZUGOAkVXbXko8FkfJTBL8ibJKHjRGLJp9J0xBwiEF2QRhh5%2BaBeCYXxty0IAzcZwAFKGUftlex0VWh%2BNa%2FHb1rUJnKJE%2BBlwfYwMO%2FJWljkbwTRF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d255b88f0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/template/yyys2/tp/zbxtp/t7.gif

104.21.45.230

200 OK

439 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/zbxtp/t7.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 319 x 239\012- data
Size
439 kB (438935 bytes)
Hash
da61900bd074cd476019a00e3c3135f3
b7edd4e5f15f096d0b60cc5e9651449505c9b57b
9876f9bbea8bb645b3b3abd0335ccbab421a4f81763f6eccc95c5345ba83c106

HTTP Headers

GET /template/yyys2/tp/zbxtp/t7.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 438935
last-modified: Sun, 26 Jun 2022 16:40:10 GMT
etag: "62b88bea-6b297"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bj1GGlGD80kQqk1WH2PxnHgtlhrd0dmrc9Rg7K9c0cMaCz%2BxXT5UdB%2BuJgNbwD2pJv5IgJ3%2FsJEbzL%2BukOxxcAvcAOlmmesdVZecqziEF%2F7ARXY9%2FpwNyaEMGWqt%2BxG76TJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d25629050b3d-OSL
alt-svc: h3=":443"; ma=86400

s2.loli.net/2023/05/31/bdfwy2PVloiNWqC.jpg

104.26.0.190

200 OK

17 kB

URL GET HTTP/2
s2.loli.net/2023/05/31/bdfwy2PVloiNWqC.jpg
IP
104.26.0.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 336x221, components 3\012- data
Size
17 kB (16836 bytes)
Hash
bf724c2b3ed499f956945bf840f46c4a
544261f064a723adf025102eda79367d71bca08e
0e4ab9ea4554a1e83571f4851b38904ac8caaa93b8d1cddb10f7c79346d60ce8

HTTP Headers

GET /2023/05/31/bdfwy2PVloiNWqC.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/jpeg
content-length: 16836
last-modified: Wed, 31 May 2023 11:30:20 GMT
etag: "64772fcc-41c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wYAryS0afHjotJJgWW%2FJ6K9kdm0sE1rxJuRFSD7Tx7Dn2b6q2bB0IJEjDe1N9Slu%2Bqa8w%2FhA4qkWzMY%2BToljTUzKcJpHsGXWBec4lelq8LXFryu3d%2F6Wt6zLh23"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d2577c40b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s2.loli.net/2023/05/15/pnZQqWAjDXVTtcC.jpg

104.26.0.190

200 OK

63 kB

URL GET HTTP/2
s2.loli.net/2023/05/15/pnZQqWAjDXVTtcC.jpg
IP
104.26.0.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 400x400, components 3\012- data
Size
63 kB (63214 bytes)
Hash
153e0a3a271b296f2ea068a6886be1a0
165bdfaa510246bbe8940c998765b35cac65e87c
453dfd2aa72804f87b500bc61093f5eb39a6d660b8d93bdb7abf7a40a1936e31

HTTP Headers

GET /2023/05/15/pnZQqWAjDXVTtcC.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/jpeg
content-length: 63214
last-modified: Sun, 14 May 2023 17:51:31 GMT
etag: "64611fa3-f6ee"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnlbJDHuyfO4RlVBaebqd0vLlAyx3E9No4KgNAPVYX6s%2B%2BjWOsSXrxPBP9vA090a8aw5UpnIYDJRKSWE9NTlidV2XYDIt4MWrrXkt4ZfFvjmsO8rZqaeEb7cI5fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d2577c44b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.hntv1165.top/template/yyys2/tp/zbxtp/t6.gif

104.21.45.230

200 OK

934 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/tp/zbxtp/t6.gif
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
GIF image data, version 89a, 320 x 180\012- data
Size
934 kB (933572 bytes)
Hash
512330040cbaed2f8f8cd15051d495ef
c0cb358a030931432968ac590fb93c6bf5e7e5b8
5db5b1439ccfbc33e381625ba52cffbf7810b4e640ffa21cd856787d8394e377

HTTP Headers

GET /template/yyys2/tp/zbxtp/t6.gif HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
content-length: 933572
last-modified: Sun, 26 Jun 2022 16:40:06 GMT
etag: "62b88be6-e3ec4"
expires: Sun, 09 Jul 2023 10:51:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qagtSdso455pJsl6jp6oGmcGyjIrgYKFTWDpX9ChIDpUW%2BRoJe3lrKlewa4nPHMG%2F6Ov17fZVnNzRfVoRhEvYpLVK6VfA6Uq7gg6AgNLu%2B%2FvRmSaqa6JR6iHPszRmblj343j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d25629010b3d-OSL
alt-svc: h3=":443"; ma=86400

ocsp.buypass.com/

23.36.76.129

1.7 kB

URL
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
6fde6021869b710dd039dfc1977167c9
15251d127ff92a159fbb1edfde6fd008e9fee3cb
5775fab38fe529cf30b2d3df72f9be0ca4d42b48ba6a7b10de0b970f05afbac2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: da1d14ec-dce9-4364-b8e2-654a006e5257
Content-Length: 1701
Date: Fri, 09 Jun 2023 10:51:51 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307911272_388254845_13173196_5107_459_0_0_-";dur=1

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
35c2a2752a41ede266836b72abeac9d4
626318fc285fb88840ba706040843d9551e39541
5662500c9f3771a975d69fa2851c0937f23d22e1cc7e79075212331b6c100daa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:11:55 GMT
Expires: Tue, 13 Jun 2023 12:11:54 GMT
Etag: "626318fc285fb88840ba706040843d9551e39541"
Cache-Control: max-age=349804,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d25e0a82b51e-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
87dbbed0bc4d9e5bee3b8b8d46604e6f
3b4785d81de307f781507cd7758ec2869bfe893f
85a36d53cc99e1b75a2a0759db20c7798f9253629b4fecf4bad7b6dad763782a

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:04:35 GMT
ETag: "3b4785d81de307f781507cd7758ec2869bfe893f"
Last-Modified: Fri, 09 Jun 2023 07:04:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3156
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d25e8981b4fd-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f1dc7fb7d14bf3065e89cd8d1d4321df
969c06afa3a8e566ed7b6d37671596b88ed5cbd1
ff083009eddd90f2bddcd1fed19217e43176b5588c2febf57f7f3dbc70b61b05

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 15:37:18 GMT
Expires: Wed, 14 Jun 2023 15:37:17 GMT
Etag: "969c06afa3a8e566ed7b6d37671596b88ed5cbd1"
Cache-Control: max-age=448528,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d25e6aefb51e-OSL

sycdn.pic-726-baidu.com/images/2023/06/06/zhubo64790.jpg

104.22.28.157

200 OK

4.7 kB

URL GET HTTP/2
sycdn.pic-726-baidu.com/images/2023/06/06/zhubo64790.jpg
IP
104.22.28.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint42:43:94:40:DA:A7:6A:08:47:F1:8F:EF:01:A2:7E:C1:C7:7C:E1:0E
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.7 kB (4698 bytes)
Hash
e0727524b6f83885743bda6592a20fe5
dafc23956c0a8ab8c4196947fad4b4aa475a5093
1570b71b186f14b117c9b9c2b48e44c7e0dc1675ca05d73504cd4a921f4a6d83

HTTP Headers

GET /images/2023/06/06/zhubo64790.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/webp
content-length: 4698
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6511
content-disposition: inline; filename="zhubo64790.webp"
etag: "647a38d7-196f"
expires: Sat, 08 Jul 2023 20:52:17 GMT
last-modified: Fri, 02 Jun 2023 18:45:43 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 50373
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d25edc921bfe-OSL
X-Firefox-Spdy: h2

sycdn.pic-726-baidu.com/images/2023/06/06/zhubo64785.jpg

104.22.28.157

200 OK

8.2 kB

URL GET HTTP/2
sycdn.pic-726-baidu.com/images/2023/06/06/zhubo64785.jpg
IP
104.22.28.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint42:43:94:40:DA:A7:6A:08:47:F1:8F:EF:01:A2:7E:C1:C7:7C:E1:0E
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.2 kB (8164 bytes)
Hash
7dd362ba36ef2b1a6b611a991caf1b7a
3d9020fc9e77d66b1ade3f98f7e4bb204eb31ed9
e6f3a439a85b758f3c6f951ad18c2b38eb8c29ac18f45dfc78d075ab9b2d43f9

HTTP Headers

GET /images/2023/06/06/zhubo64785.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/webp
content-length: 8164
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8720
content-disposition: inline; filename="zhubo64785.webp"
etag: "647a38d7-2210"
expires: Sat, 08 Jul 2023 20:52:17 GMT
last-modified: Fri, 02 Jun 2023 18:45:43 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 50374
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d25edc891bfe-OSL
X-Firefox-Spdy: h2

sycdn.pic-726-baidu.com/images/2023/06/06/oumei212.jpg

104.22.28.157

200 OK

19 kB

URL GET HTTP/2
sycdn.pic-726-baidu.com/images/2023/06/06/oumei212.jpg
IP
104.22.28.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint42:43:94:40:DA:A7:6A:08:47:F1:8F:EF:01:A2:7E:C1:C7:7C:E1:0E
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
19 kB (18912 bytes)
Hash
cfa92f6ba80c5779bfbb9a7f3c047d42
7b8486dada80986a8bafea908b50cadeb3d5107f
6e56b2d9886ed472a6c749e9c847a685ee44f4adf54d46c42afffcc4e5eb91bd

HTTP Headers

GET /images/2023/06/06/oumei212.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/webp
content-length: 18912
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=193668
content-disposition: inline; filename="oumei212.webp"
etag: "647a38d1-2f484"
expires: Sat, 08 Jul 2023 20:52:17 GMT
last-modified: Fri, 02 Jun 2023 18:45:37 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 50373
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d25eec9f1bfe-OSL
X-Firefox-Spdy: h2

img.lytuchuang13.com/upload/vod/20220306-1/6debc8764acadb1ad46c9ef09394800b.jpg

154.12.54.75

200 OK

13 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-1/6debc8764acadb1ad46c9ef09394800b.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (13423 bytes)
Hash
e352d68b4bb62b297386dbea89761bb4
a1acfa0f67cd1c681829f8345052df6f823c0aac
5a70aff3204c79654b827c98e09387cdc4640716946d86340999de0f953a4954

HTTP Headers

GET /upload/vod/20220306-1/6debc8764acadb1ad46c9ef09394800b.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 13423
Last-Modified: Sun, 04 Sep 2022 18:07:35 GMT
Connection: keep-alive
ETag: "6314e967-346f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

sycdn.pic-726-baidu.com/images/2023/06/06/oumei213.jpg

104.22.28.157

200 OK

22 kB

URL GET HTTP/2
sycdn.pic-726-baidu.com/images/2023/06/06/oumei213.jpg
IP
104.22.28.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint42:43:94:40:DA:A7:6A:08:47:F1:8F:EF:01:A2:7E:C1:C7:7C:E1:0E
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
22 kB (21774 bytes)
Hash
52e944b2de3042b2b8ce449c530f7139
40719ad30d6672a67d0328d713cb3559a0269a0e
1601a1843def1d8fd64be0fdfb8941f3569509e15c1404c07dfad0617909dfc4

HTTP Headers

GET /images/2023/06/06/oumei213.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/webp
content-length: 21774
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=200779
content-disposition: inline; filename="oumei213.webp"
etag: "647a38d1-3104b"
expires: Sat, 08 Jul 2023 20:52:17 GMT
last-modified: Fri, 02 Jun 2023 18:45:37 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 50374
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d25efcb11bfe-OSL
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.21.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
ce0e085df771f251a8d54ec491e5b52f
366ea30861348a5dd5350518f1a562395d0ed8f7
d412ae8081e7b0cb8fc836d7a60643aac4d484a87e3b8eeeb8a352394791721c

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:34:47 GMT
ETag: "366ea30861348a5dd5350518f1a562395d0ed8f7"
Last-Modified: Fri, 09 Jun 2023 07:34:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 4
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d25f29efb529-OSL

img.lytuchuang13.com/upload/vod/20220306-3/e752a30c596f43ed4885c3180dbbe7e4.jpg

154.12.54.75

200 OK

9.6 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-3/e752a30c596f43ed4885c3180dbbe7e4.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 213x160, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9608 bytes)
Hash
c693bc6c64c54f87c64bf37c10663394
f5b5842234163b4bd1d370fee0b71b6c567d0544
41d3e691208bedd3fd9532901a9b9a1b09205db49114df344d2cc54c0d79dbb9

HTTP Headers

GET /upload/vod/20220306-3/e752a30c596f43ed4885c3180dbbe7e4.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 9608
Last-Modified: Sun, 04 Sep 2022 18:09:38 GMT
Connection: keep-alive
ETag: "6314e9e2-2588"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

aaaaa662.com/4413e9e57a144208a2f61c81902d4699.gif

103.170.15.88

200 OK

845 kB

URL GET HTTP/1.1
aaaaa662.com/4413e9e57a144208a2f61c81902d4699.gif
IP
103.170.15.88:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectaaaaa662.com
Fingerprint82:E6:4E:CE:A4:DC:41:70:31:66:32:1A:83:A6:A4:40:D8:B2:78:3E
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
845 kB (844931 bytes)
Hash
45e2d3263969724c0462170ebb1bf02f
7299bf9fa7f443e6db3e27be1134cba2082ef69b
998fd3a0c29f54d057f6476e7213c4422ef0b1a84942c0105f4cace27b13616c

HTTP Headers

GET /4413e9e57a144208a2f61c81902d4699.gif HTTP/1.1
Host: aaaaa662.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6436c749-ce483"
Date: Wed, 07 Jun 2023 11:53:59 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 12 Apr 2023 14:59:21 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 844931

img.lytuchuang13.com/upload/vod/20220224-2/2668b1ac543adcfaf3babce42a934218.jpg

154.12.54.75

200 OK

11 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-2/2668b1ac543adcfaf3babce42a934218.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10733 bytes)
Hash
7d5e585cb33e40c00fc9bab056e67ea2
9ed9c7e054e906c6f71c23596629b372298e4a08
152e36ca8aba868289a39b0698fd8d34d018b1a3295b04ae408d76f46e188aa2

HTTP Headers

GET /upload/vod/20220224-2/2668b1ac543adcfaf3babce42a934218.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 10733
Last-Modified: Sun, 04 Sep 2022 18:07:09 GMT
Connection: keep-alive
ETag: "6314e94d-29ed"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-4/f8269fc9cc5e4443a251e06c8d9756f0.jpg

154.12.54.75

200 OK

10 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-4/f8269fc9cc5e4443a251e06c8d9756f0.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10045 bytes)
Hash
678702cc861b85aed7ab18ac7cbc682f
d8e4084730ef8d0d36c178612c6fffb162c278ab
783d3d494071f0392406d085928173315dfc157a58cf81d24c2831a1c0cb5d76

HTTP Headers

GET /upload/vod/20220224-4/f8269fc9cc5e4443a251e06c8d9756f0.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 10045
Last-Modified: Sun, 04 Sep 2022 18:08:06 GMT
Connection: keep-alive
ETag: "6314e986-273d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.21.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
4b70eeffc8654346d0670ef2ad45b8cd
d3a5c079e8ba01b1fdaed10a0ad9b0c6bdd80ff9
6390ec834b069ee75b7f24875e75b005d36693d722bf943d3880fd01b09e7ad9

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Tue, 13 Jun 2023 08:52:58 GMT
ETag: "d3a5c079e8ba01b1fdaed10a0ad9b0c6bdd80ff9"
Last-Modified: Fri, 09 Jun 2023 08:52:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1622
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d2602b01b529-OSL

img.1266999.com/images/6469d05985beb2069fe11594.gif

103.166.246.24

302 Found

0 B

URL GET HTTP/2
img.1266999.com/images/6469d05985beb2069fe11594.gif
IP
103.166.246.24:443
ASN
#51649 Neko LLC.

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject1266999.com
FingerprintD1:56:EB:C0:F7:4E:EA:B5:4A:F8:F4:9A:8E:B1:46:B6:60:0B:7B:67
ValidityTue, 28 Mar 2023 10:26:21 GMT - Mon, 26 Jun 2023 10:26:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/6469d05985beb2069fe11594.gif HTTP/1.1
Host: img.1266999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/17/83/642bd62327e09abe368d1783.gif
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
72123cab9c00029ab4c89d4aa3d86b91
7929512b90bd617faef44cd0f465a8977bcca7a9
70d8c7a049c87016f36c107ea5f4407c15e52c1a4bbcae2acd06e2a93d5eecc2

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 09:12:11 GMT
ETag: "7929512b90bd617faef44cd0f465a8977bcca7a9"
Last-Modified: Fri, 09 Jun 2023 09:12:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2161
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d2602b60b4fd-OSL

img.1382a.xyz/images/647cfc9d932fd87e9e9daef2.gif

103.166.246.24

302 Found

0 B

URL GET HTTP/2
img.1382a.xyz/images/647cfc9d932fd87e9e9daef2.gif
IP
103.166.246.24:443
ASN
#51649 Neko LLC.

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject1382a.xyz
Fingerprint2F:7B:73:BE:01:0D:33:87:AA:41:30:22:74:03:60:37:A0:49:9E:C8
ValidityWed, 10 May 2023 09:16:31 GMT - Tue, 08 Aug 2023 09:16:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/647cfc9d932fd87e9e9daef2.gif HTTP/1.1
Host: img.1382a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif
X-Firefox-Spdy: h2

img.lytuchuang13.com/upload/vod/20220306-1/bfdc98d8ade3cc030c0cc7eb8d07cd8c.jpg

154.12.54.75

200 OK

4.2 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-1/bfdc98d8ade3cc030c0cc7eb8d07cd8c.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
4.2 kB (4160 bytes)
Hash
6a6bd2bf663aa232c064969be21a2e12
8e5b34af0256c8ea76610814973f8f6f3f535cd9
2bc2e1f66d3ef9cd4553aaeceacc93fe80d81948abc05d2b89eed87ca30b9c22

HTTP Headers

GET /upload/vod/20220306-1/bfdc98d8ade3cc030c0cc7eb8d07cd8c.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 4160
Last-Modified: Sun, 04 Sep 2022 18:06:44 GMT
Connection: keep-alive
ETag: "6314e934-1040"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.1181999.com/images/6469cde385beb2069fe11496.gif

103.166.246.24

302 Found

0 B

URL GET HTTP/2
img.1181999.com/images/6469cde385beb2069fe11496.gif
IP
103.166.246.24:443
ASN
#51649 Neko LLC.

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject1181999.com
Fingerprint6E:03:95:90:C8:C7:AF:F6:29:6C:E0:BD:87:CF:C7:A7:59:4D:9E:6A
ValidityTue, 28 Mar 2023 10:21:57 GMT - Mon, 26 Jun 2023 10:21:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/6469cde385beb2069fe11496.gif HTTP/1.1
Host: img.1181999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/dd/aa/642d6689722263a2f509ddaa.gif
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
72123cab9c00029ab4c89d4aa3d86b91
7929512b90bd617faef44cd0f465a8977bcca7a9
70d8c7a049c87016f36c107ea5f4407c15e52c1a4bbcae2acd06e2a93d5eecc2

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 09:12:11 GMT
ETag: "7929512b90bd617faef44cd0f465a8977bcca7a9"
Last-Modified: Fri, 09 Jun 2023 09:12:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2161
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d260dc4db4fd-OSL

aa887799aa.com/2d0dfe59a4254a60abb67f35b813c246.gif

103.170.15.96

200 OK

962 kB

URL GET HTTP/1.1
aa887799aa.com/2d0dfe59a4254a60abb67f35b813c246.gif
IP
103.170.15.96:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectaa887799aa.com
Fingerprint7E:47:72:F4:FC:B7:D0:35:A2:40:F0:2B:E4:0B:B4:63:AD:B9:5A:E5
ValidityWed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
962 kB (962058 bytes)
Hash
e3b41004adb02f54363d484f3bb499cd
9a112c9559839113de0d5e7ffd79b582575af3a1
8a6cbb20ac7ded9c2b63177b1c5b1783f7a0a152108db368d3b3e000c9631d32

HTTP Headers

GET /2d0dfe59a4254a60abb67f35b813c246.gif HTTP/1.1
Host: aa887799aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64787bc6-eae0a"
Date: Thu, 01 Jun 2023 12:53:37 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 01 Jun 2023 11:06:46 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Length: 962058

img.lytuchuang13.com/upload/vod/20220306-3/c2d551f15453a808957cbc6458fd770a.jpg

154.12.54.75

200 OK

11 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-3/c2d551f15453a808957cbc6458fd770a.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (11261 bytes)
Hash
364b5b119fd4d20482203b56677f3ac7
5b2de226164b9aa50ca79c8522d3373aecb59bd4
cb0fc82ba6a09de9f73b43901c78573898982f8231934c9e4faf58b1637052e9

HTTP Headers

GET /upload/vod/20220306-3/c2d551f15453a808957cbc6458fd770a.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 11261
Last-Modified: Sun, 04 Sep 2022 18:09:38 GMT
Connection: keep-alive
ETag: "6314e9e2-2bfd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8f69df24120b9b47f227a719b558cfd2
91578fbb3abf8037154fb6bb06469348d2d8234f
5f4637cae01d8481655f2107e76c93f76701dbd31e35f632337a4a09fff945d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Jun 2023 23:48:11 GMT
Expires: Mon, 12 Jun 2023 23:48:10 GMT
Etag: "91578fbb3abf8037154fb6bb06469348d2d8234f"
Cache-Control: max-age=305178,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d25e081cfabc-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9152ae39598957105400eda6b1164f0d
808b59dd457e5a560d55c04917f9bbedbc55f427
11f284313b7a9f76496f8b34f3354c367c93c8ca08a291abfadae6801f880a22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 08:14:40 GMT
Expires: Thu, 15 Jun 2023 08:14:39 GMT
Etag: "808b59dd457e5a560d55c04917f9bbedbc55f427"
Cache-Control: max-age=508368,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d261cb0cfabc-OSL

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ea58056040025316009ec8a48505f918
9af2d8e0bcdf47ec4167618be1bbb64def85f3ca
c7b545f9d1d1a718c48a0c74445bcdb2e8cbdea590f82b5deffccc2a9e6235cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 08:42:17 GMT
Expires: Wed, 14 Jun 2023 08:42:16 GMT
Etag: "9af2d8e0bcdf47ec4167618be1bbb64def85f3ca"
Cache-Control: max-age=423624,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d261bebbb51e-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9025dea0fbf2d406019d96c6c28c2f44
0fff70870491781261be2398a06328148fcf96aa
262ac5df94f0a99dacf5ca25c451d65b8c5e604deab4cc3157151c130f6d614d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 18:59:40 GMT
Expires: Wed, 14 Jun 2023 18:59:39 GMT
Etag: "0fff70870491781261be2398a06328148fcf96aa"
Cache-Control: max-age=460666,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d261da5cb521-OSL

sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif

172.67.197.136

200 OK

141 kB

URL GET HTTP/2
sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
IP
172.67.197.136:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectimgclh.com
Fingerprint46:4D:17:85:53:DC:4A:39:FC:8F:80:12:FC:5E:8F:89:9F:A8:E3:A7
ValiditySun, 04 Jun 2023 16:42:13 GMT - Sat, 02 Sep 2023 16:42:12 GMT

File type
GIF image data, version 89a, 960 x 100\012- data
Size
141 kB (140774 bytes)
Hash
f0e441ef3131255acdf935206c0d3635
03e14b2f6c54d3342f389fe5d773ee05e8b809fd
8d23939f6175a7229124ae55c8cd5920f2550138ee3ca273d4c708787d3090af

HTTP Headers

GET /imgs/2023/04/03/8fc08c0346fcc0a4.gif HTTP/1.1
Host: sta2.imgclh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/gif
content-length: 140774
last-modified: Mon, 03 Apr 2023 09:16:52 GMT
etag: "642a9984-225e6"
expires: Wed, 28 Jun 2023 12:35:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 944194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVk7n2%2BfERFtJM0pU8tvPf23WXUOCHgpuvn3B1VNsi6qjEdE%2FOPTKepVNeKRQQC7cjgTbff7q73sGET5heD6HzaxcUfJMIcRLANy0hx%2BBcaLpN0d35lti0zHUlxa9cLQg1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d2622f33b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

1.6 kB

URL
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
1fdcfd0235189fd19a10f9c9a37391ce
8d1b321c47e6f7626a121c22fd365985cfea486e
d9bb91a3aa79e027da5fb8d11271aa8e141a578ea54575e55231598071e54f40

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=841
Date: Fri, 09 Jun 2023 10:51:52 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307912048_388255501_75190947_8_353_20_0_-";dur=1

img.lytuchuang13.com/upload/vod/20220306-3/d8f7239f0e9b1fd467aeed2bb8cd1bda.jpg

154.12.54.75

200 OK

8.8 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-3/d8f7239f0e9b1fd467aeed2bb8cd1bda.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8811 bytes)
Hash
5b4527a1e43ef8c0d884efca14a4a88f
d3e14228d25a2b06fcb5cf6245d4ccbe06fb2c0a
4271ef8cc82c56264a7a4611b51f543f77b8f194ca0d7969de782bfa1f91f7c0

HTTP Headers

GET /upload/vod/20220306-3/d8f7239f0e9b1fd467aeed2bb8cd1bda.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 8811
Last-Modified: Sun, 04 Sep 2022 18:07:27 GMT
Connection: keep-alive
ETag: "6314e95f-226b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.mengzhan28.top/loveimgmoe/d8/a4/644266c636794e73e7a3d8a4.gif

172.67.68.155

200 OK

916 kB

URL GET HTTP/2
img.mengzhan28.top/loveimgmoe/d8/a4/644266c636794e73e7a3d8a4.gif
IP
172.67.68.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
916 kB (915679 bytes)
Hash
7a68a8d3bf266c5e5d1e500bf65a4467
1db643e9b82b26c1863a938f6d2eb435f6c13d7d
b346772cd5a447080ec03dfc2231cf1141e8772adf12054785276c10d56811ad

HTTP Headers

GET /loveimgmoe/d8/a4/644266c636794e73e7a3d8a4.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/png
content-length: 915679
cache-control: max-age=16070400
last-modified: Thu, 08 Jun 2023 13:37:44 GMT
cf-cache-status: HIT
age: 56178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MecAS84PF2bhC8WhgyZVLsV9padk%2F6re4t1zeGEg%2BcR9PbszAX7aG31OeKyuAIDgPuKIfyP6ZUGslz3hq1nnAeuMtRmSS9A6CuM7%2FGZ6QMI0Pmd1qkhjl793kgetFyoPx%2BPk8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d261fee2b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.hntv1165.top/template/yyys2/css/zui.css

104.21.45.230

200 OK

19 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/css/zui.css
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Size
19 kB (19176 bytes)
Hash
3756d98c09abc720e3e72c342912d580
5e978423f8fe5c93950338f964aec86793a3e744
4fdef8e77c25037e2bf185c905c826f1553856292ff9d91630df4589c40af1c0

HTTP Headers

GET /template/yyys2/css/zui.css HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 04:06:58 GMT
vary: Accept-Encoding
etag: W/"622acae2-164b3"
expires: Fri, 09 Jun 2023 22:51:49 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js%2BCNY1NofcizDs4%2FBu5L%2B22XpjLe2Pz7zKG%2BY4rjo43ipurCrWG1I17x%2FzPptn94mBTLAzDmP2jiJxrZUK7xRe3pOq4qjYIAzHdQd7OTchvKG7WURby4H305oAuezcg%2FrmL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d254cf9e0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.230579.top/images/643a8869bd722879215a1909.gif

103.166.246.24

302 Found

0 B

URL GET HTTP/2
img.230579.top/images/643a8869bd722879215a1909.gif
IP
103.166.246.24:443
ASN
#51649 Neko LLC.

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject230579.top
FingerprintA3:34:ED:5B:AB:23:55:0D:B1:0A:85:A4:7B:C3:E6:84:91:67:4B:AD
ValidityTue, 28 Mar 2023 11:28:49 GMT - Mon, 26 Jun 2023 11:28:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/643a8869bd722879215a1909.gif HTTP/1.1
Host: img.230579.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/2a/4e/642ffae50483127e9b602a4e.gif
X-Firefox-Spdy: h2

uu6967uu.com/c4011d0efc1a4d4fb349215282533d49.gif

103.170.15.76

200 OK

234 kB

URL GET HTTP/1.1
uu6967uu.com/c4011d0efc1a4d4fb349215282533d49.gif
IP
103.170.15.76:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu6967uu.com
FingerprintF7:95:45:0E:E3:7C:B1:F9:7B:10:8B:94:82:A9:39:8C:40:B1:02:BA
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
234 kB (234469 bytes)
Hash
3ddfd681b1fe003480426fbb48b64374
e58274f66d1320a7728ae83d40316667e173db78
1d6268c3ab5e5f343f5270610f62780222b7d559fdf6b1c56ea6e85bb8af9953

HTTP Headers

GET /c4011d0efc1a4d4fb349215282533d49.gif HTTP/1.1
Host: uu6967uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d833-393e5"
Date: Sat, 03 Jun 2023 12:57:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:35:47 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Length: 234469

img.mengzhan28.top/loveimgmoe/17/83/642bd62327e09abe368d1783.gif

172.67.68.155

200 OK

583 kB

URL GET HTTP/2
img.mengzhan28.top/loveimgmoe/17/83/642bd62327e09abe368d1783.gif
IP
172.67.68.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
583 kB (583027 bytes)
Hash
df50356535231d53a90945336958c10e
22d1de5a1331ee39e4898cd9ddcb2fe86c1712c8
31a181570aeed415150349956c9569c6e3d406810c7510aa07782d8228d34aeb

HTTP Headers

GET /loveimgmoe/17/83/642bd62327e09abe368d1783.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/png
content-length: 583027
cache-control: max-age=16070400
last-modified: Thu, 08 Jun 2023 11:45:20 GMT
cf-cache-status: HIT
age: 54339
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BKr0%2F34LBt%2FcwmveJYZO8Ey5o2Rs6LqnDCsbeIEFRBKZ0F5euF3vX4Kt4moDM27mrWtf7rm2M1r3pCRcESkBnL8P4XfZ2Q%2FF216XXHhnEYtUx%2FkRfNX2E6OLjNf7YCyYBa5bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d2634967b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.mengzhan28.top/loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif

172.67.68.155

200 OK

453 kB

URL GET HTTP/2
img.mengzhan28.top/loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif
IP
172.67.68.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
453 kB (453068 bytes)
Hash
78e489cfa5928f3c7b3491d808eea938
4651530964a8c481daae8ebc7aeb186e962d4bbc
6f39b580ed16e54e84be7cb45ed96c0d853a0625b51743bb8544d9c1d81f7ecf

HTTP Headers

GET /loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/png
content-length: 453068
cache-control: max-age=16070400
last-modified: Thu, 08 Jun 2023 09:23:54 GMT
cf-cache-status: HIT
age: 74144
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFzl3s%2Bt9TwcNXLa4ghuKr%2BPK6zU2JGlzWXCtRQYbZLJnV%2FmlHpEm90klDJHdFJqVuJTeusptQUBCRx7pHueio5TiTOzqQ4xeH2hwfJY53ypyosRNXMDxlLNzLhyKPr3XMwD%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d263596cb50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

uu3531uu.com/6b6c4101b455403ba373ae5ca973d112.gif

103.170.15.76

200 OK

684 kB

URL GET HTTP/1.1
uu3531uu.com/6b6c4101b455403ba373ae5ca973d112.gif
IP
103.170.15.76:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu3531uu.com
FingerprintD3:04:A4:AA:2E:68:57:A0:7E:24:70:B3:CE:22:27:2C:EE:FB:2B:0B
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
684 kB (683707 bytes)
Hash
f49046a5e6117c50b0d0acf38d5771fd
ff89f0896c5bbbbe248aceccfc404f8282df55a6
656acf8e658dd3ae0a4fff74ac88c58c6d06687b1ccb379a9a211c439f095493

HTTP Headers

GET /6b6c4101b455403ba373ae5ca973d112.gif HTTP/1.1
Host: uu3531uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64563e9d-a6ebb"
Date: Sun, 04 Jun 2023 23:35:01 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 May 2023 11:48:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Length: 683707

img.8578a.com/images/643e480ebd9c74225d2ef410.gif

103.166.246.24

302 Found

0 B

URL GET HTTP/2
img.8578a.com/images/643e480ebd9c74225d2ef410.gif
IP
103.166.246.24:443
ASN
#51649 Neko LLC.

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject8578a.com
FingerprintD7:7A:84:59:B7:F0:ED:25:14:2C:6E:82:15:A1:C1:BD:CF:E6:01:7E
ValidityTue, 28 Mar 2023 12:24:44 GMT - Mon, 26 Jun 2023 12:24:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/643e480ebd9c74225d2ef410.gif HTTP/1.1
Host: img.8578a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/d0/aa/643d5b897107458c94e1d0aa.gif
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b820dae8b43ae88069d939a7edff5231
26711c4d114827f71889c4edb95e42b76318f6fd
367802998bc9a80c2ecf23b356aa0104ab4ca9d10b1aa7d14d52a6b319bfddcf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 23:36:51 GMT
Expires: Tue, 13 Jun 2023 23:36:50 GMT
Etag: "26711c4d114827f71889c4edb95e42b76318f6fd"
Cache-Control: max-age=390897,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d2634c39fabc-OSL

img.lytuchuang13.com/upload/vod/20220224-2/af0d0617fea5fac42e0d689177964606.jpg

154.12.54.75

200 OK

11 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-2/af0d0617fea5fac42e0d689177964606.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 87x62, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (11443 bytes)
Hash
09ed619b7ff5a31befadca0f9ef7af1a
1a0f443fb8a5183990c4fa3ddd323883cc59b2a6
b18cfedad1de221a2f19bcb2a92286d148f5daa9efdafe74a5dffb6c08dc3da7

HTTP Headers

GET /upload/vod/20220224-2/af0d0617fea5fac42e0d689177964606.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 11443
Last-Modified: Sun, 04 Sep 2022 18:06:56 GMT
Connection: keep-alive
ETag: "6314e940-2cb3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5f8142000c0919d14f2302f5aa20f9db
6b397b31ddc7d0dad2d8b849f5c6d1d3426436db
dd9ac1aea32fbd7fd7c3e0b045266f9672cdf59ccb4148343800bf750ee5b055

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 20:20:15 GMT
Expires: Tue, 13 Jun 2023 20:20:14 GMT
Etag: "6b397b31ddc7d0dad2d8b849f5c6d1d3426436db"
Cache-Control: max-age=379106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d263e98cb51e-OSL

img.lytuchuang13.com/upload/vod/20220306-3/ec4a923558d53fbc8d3731ba43302066.jpg

154.12.54.75

200 OK

11 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-3/ec4a923558d53fbc8d3731ba43302066.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 611x480, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10891 bytes)
Hash
52235c1f3b183a32bc1164db2d4fbc2c
e9ccaa27a11341b394d96d1deb53119325c2d69f
be12f92e358a44957bed410a1b1e88db48e4c35a4099a926cbc42af08d7412fc

HTTP Headers

GET /upload/vod/20220306-3/ec4a923558d53fbc8d3731ba43302066.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 10891
Last-Modified: Sun, 04 Sep 2022 18:08:16 GMT
Connection: keep-alive
ETag: "6314e990-2a8b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.mengzhan28.top/loveimgmoe/dd/aa/642d6689722263a2f509ddaa.gif

172.67.68.155

200 OK

846 kB

URL GET HTTP/2
img.mengzhan28.top/loveimgmoe/dd/aa/642d6689722263a2f509ddaa.gif
IP
172.67.68.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
846 kB (845874 bytes)
Hash
489dcc4901b1a30689beec92450a9ae9
73cbe7390df5988e3f7356846a4147891bff8e87
64fe5fe327ed823f984012623a3b1215064196ce67c89d42522e4b10bbf1d24b

HTTP Headers

GET /loveimgmoe/dd/aa/642d6689722263a2f509ddaa.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/png
content-length: 845874
cache-control: max-age=16070400
last-modified: Wed, 07 Jun 2023 18:55:36 GMT
cf-cache-status: HIT
age: 50387
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7D4EYKY5T3lfErYYWMnbHq09uoCe6d3XO8%2FXW57etl4kL0LPU8vu21C2iAzXk3twFjdLJ0gW2QtypvgjeJFjzN5w6Tj8gu0lXcIK%2Fpp9o5GPB28MLuLv%2B0mGPjCxXsGTsnStA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d26389b7b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.lytuchuang13.com/upload/vod/20220224-1/83815c4fb779779f7ddf3a107ba4d400.jpg

154.12.54.75

200 OK

5.8 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-1/83815c4fb779779f7ddf3a107ba4d400.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
5.8 kB (5837 bytes)
Hash
2528fdb2e84bf584d62565a579fa5fa3
5069b9d6d85fbc349007f0bdeaafeaf323eacb97
aa9d48dd01db7df6b4102b83ce0e6d497c7977fd79467f083ecc9aeb4e8a2f81

HTTP Headers

GET /upload/vod/20220224-1/83815c4fb779779f7ddf3a107ba4d400.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 5837
Last-Modified: Sun, 04 Sep 2022 18:10:50 GMT
Connection: keep-alive
ETag: "6314ea2a-16cd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

uu6873uu.com/cc56068471ca42e68e559f121d434ea8.gif

103.170.15.88

200 OK

34 kB

URL GET HTTP/1.1
uu6873uu.com/cc56068471ca42e68e559f121d434ea8.gif
IP
103.170.15.88:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu6873uu.com
FingerprintE3:AF:46:82:FD:05:8D:B1:FC:8D:9A:D0:7E:29:BC:33:DB:74:42:6E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 230 x 140\012- data
Size
34 kB (33875 bytes)
Hash
cabae1cdaf78827ce7247b44e3429f37
4f7c07e2866fe2ac066dc2fe438c5283dfb05130
609d061add7cab8592eafabb0dc660dc336f97860ad5635a49e6670d47444be1

HTTP Headers

GET /cc56068471ca42e68e559f121d434ea8.gif HTTP/1.1
Host: uu6873uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d989-8453"
Date: Sun, 04 Jun 2023 05:00:25 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:41:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 33875

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
25a13f3a0a2c8678cdffd9b18e840879
4e33acdb321a86ff15f15c20f5e49524995c90ca
e10d5fc17195a4cc118e8b6c5bd97fb83b263f99120b7efd57e67fa8b1d4935d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 02:16:28 GMT
Expires: Thu, 15 Jun 2023 02:16:27 GMT
Etag: "4e33acdb321a86ff15f15c20f5e49524995c90ca"
Cache-Control: max-age=486874,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d264eddfb521-OSL

img.lytuchuang13.com/upload/vod/20220313-1/2def28502b8edd315e78476f7b579c2e.jpg

154.12.54.75

200 OK

611 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220313-1/2def28502b8edd315e78476f7b579c2e.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
PNG image data, 420 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
611 kB (610631 bytes)
Hash
d00d68954ee80aad331203bbbecddd2d
3f56a161fd6c4d890cc7e290bcd3d8fc8d7099be
62f5deac11feda656fb4b11d66ddea4ba2fe735d4a37ae1b96fbfbc5fe551955

HTTP Headers

GET /upload/vod/20220313-1/2def28502b8edd315e78476f7b579c2e.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 610631
Last-Modified: Sun, 04 Sep 2022 18:07:12 GMT
Connection: keep-alive
ETag: "6314e950-95147"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220313-1/2a631a9ea9263262af4d6f2d1ddcf94b.jpg

154.12.54.75

200 OK

432 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220313-1/2a631a9ea9263262af4d6f2d1ddcf94b.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
PNG image data, 420 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
432 kB (431883 bytes)
Hash
a48f75988fcd2cabfd66934c87258ab6
8378efc0ae01655fbb6ef0a63575b653d744e472
243a42832836a7dadda359d5b316110b6e71560ecaf73cad228dfc78c8dcaa6a

HTTP Headers

GET /upload/vod/20220313-1/2a631a9ea9263262af4d6f2d1ddcf94b.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 431883
Last-Modified: Sun, 04 Sep 2022 18:16:55 GMT
Connection: keep-alive
ETag: "6314eb97-6970b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-1/0f25ee90aa7d20d3270a0f798e38b8a4.jpg

154.12.54.75

200 OK

2.1 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-1/0f25ee90aa7d20d3270a0f798e38b8a4.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
2.1 kB (2067 bytes)
Hash
b17fbb31b942ed9a43a793e515718316
f35594200eef370fed323ed0b3a6ddac03dfebd1
72eeea2f2160087acaa182bfcfd89dee925beeed8b4505338f020a8136e9acff

HTTP Headers

GET /upload/vod/20220224-1/0f25ee90aa7d20d3270a0f798e38b8a4.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 2067
Last-Modified: Sun, 04 Sep 2022 18:08:18 GMT
Connection: keep-alive
ETag: "6314e992-813"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

88885aaa.com/e6c317cdc96d44b0899db87aaafab7ee.gif

103.170.15.91

200 OK

50 kB

URL GET HTTP/1.1
88885aaa.com/e6c317cdc96d44b0899db87aaafab7ee.gif
IP
103.170.15.91:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subject88885aaa.com
FingerprintDB:DF:65:BC:F2:3F:B7:58:F1:94:07:CE:8B:A7:EE:66:52:3E:D5:17
ValiditySun, 20 Nov 2022 00:00:00 GMT - Mon, 20 Nov 2023 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 185\012- data
Size
50 kB (50060 bytes)
Hash
e12c1a7cf8648432020ec6316dea272e
30999d9e0eed16eac5a9cf51b05b4b218d97993e
b9ba306c09575a04e2a7079368309f1025c1000a43f5676a429ebdee83a65698

HTTP Headers

GET /e6c317cdc96d44b0899db87aaafab7ee.gif HTTP/1.1
Host: 88885aaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64310d1b-c38c"
Date: Tue, 06 Jun 2023 12:44:06 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 08 Apr 2023 06:43:39 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 50060

img.lytuchuang13.com/upload/vod/20220313-1/39c327a5178333238c1d82f73aa7cd52.jpg

154.12.54.75

200 OK

579 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220313-1/39c327a5178333238c1d82f73aa7cd52.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
PNG image data, 420 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
579 kB (579246 bytes)
Hash
5a3b69e58ded62fe42ef4ff8078c1782
60921903d477291a383dff0564c4486e60114877
1b84eeaa9a9400ede5506c9cf42d72ffc35f7f835af2ec08cd7c98f123595d15

HTTP Headers

GET /upload/vod/20220313-1/39c327a5178333238c1d82f73aa7cd52.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 579246
Last-Modified: Sun, 04 Sep 2022 18:17:08 GMT
Connection: keep-alive
ETag: "6314eba4-8d6ae"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

aaaaa866.com/132daa713535434dac1c05eee05542f2.gif

103.170.15.81

200 OK

67 kB

URL GET HTTP/1.1
aaaaa866.com/132daa713535434dac1c05eee05542f2.gif
IP
103.170.15.81:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectaaaaa866.com
FingerprintC2:5E:D3:55:A4:90:39:39:DE:6F:8B:38:A7:7B:D8:22:55:BE:7F:8E
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 185\012- data
Size
67 kB (67385 bytes)
Hash
5693c9055e74e2a7bed0984fe88f1155
ec33fdeb4502892303e0eca8976258f1eec128fc
5160a6efbb24033e80d950f6cf9368829e70b00f3f07a149f8787338ed609c35

HTTP Headers

GET /132daa713535434dac1c05eee05542f2.gif HTTP/1.1
Host: aaaaa866.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64396761-10739"
Date: Mon, 05 Jun 2023 07:05:13 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 14 Apr 2023 14:46:57 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-11
Content-Length: 67385

uu5512uu.com/d60a2f39984e4eefa0b6a51e54e391c8.gif

103.170.15.72

200 OK

394 kB

URL GET HTTP/1.1
uu5512uu.com/d60a2f39984e4eefa0b6a51e54e391c8.gif
IP
103.170.15.72:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu5512uu.com
Fingerprint4D:3E:AC:72:29:12:C4:40:FF:F1:F0:81:44:22:E2:DB:B5:8A:3F:21
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
394 kB (394028 bytes)
Hash
f0fa13b5e33e9f6c78bd5af45b73abde
64ce0ef8879a2fa0778b0ba18128242b264585f3
9af034aabdeadb16f9fbc4fd568eb89cec771e74c342210bddd778223b7f6bc1

HTTP Headers

GET /d60a2f39984e4eefa0b6a51e54e391c8.gif HTTP/1.1
Host: uu5512uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d960-6032c"
Date: Thu, 01 Jun 2023 07:53:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:40:48 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 394028

img.lytuchuang13.com/upload/vod/20220313-1/e23ef261416cd052018c4e68b433d0cd.jpg

154.12.54.75

200 OK

564 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220313-1/e23ef261416cd052018c4e68b433d0cd.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
PNG image data, 420 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
564 kB (563646 bytes)
Hash
34d0ab460a035b26e823a7a1690a648d
c972f376c4791cf3acb28f8251fa81c04858cfb1
c5bba0846471a0e18aa2d88d547bcef537ad890b16d3cf8badfd27cfa9b67148

HTTP Headers

GET /upload/vod/20220313-1/e23ef261416cd052018c4e68b433d0cd.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/jpeg
Content-Length: 563646
Last-Modified: Sun, 04 Sep 2022 18:17:08 GMT
Connection: keep-alive
ETag: "6314eba4-899be"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-1/de5172c0bb01a97ed983bd7f987ea0c9.jpg

154.12.54.75

200 OK

4.9 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-1/de5172c0bb01a97ed983bd7f987ea0c9.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
4.9 kB (4873 bytes)
Hash
f8443420c8f96d1d8b3e72e1321874d3
c6cb4546566f1f6afe5d80c0dbec99bdba049350
ca52601c24a71a9dd935adeeb875b6d04f036cb4939fd3b55ae578fe21a937a3

HTTP Headers

GET /upload/vod/20220224-1/de5172c0bb01a97ed983bd7f987ea0c9.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 4873
Last-Modified: Sun, 04 Sep 2022 18:08:34 GMT
Connection: keep-alive
ETag: "6314e9a2-1309"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-1/1b6d6f097f58a12f3b52050fad06aa68.jpg

154.12.54.75

200 OK

4.9 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-1/1b6d6f097f58a12f3b52050fad06aa68.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
4.9 kB (4873 bytes)
Hash
ee3842af7e6d5fb9df129a87438dd0c9
4dbae3cf57618eecf8fcf14bfc93d0c04e4e2720
2db934d8b56df1565dc3f3b6551b535e743e836597a3ba0100f1886e074a378c

HTTP Headers

GET /upload/vod/20220224-1/1b6d6f097f58a12f3b52050fad06aa68.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 4873
Last-Modified: Sun, 04 Sep 2022 18:11:30 GMT
Connection: keep-alive
ETag: "6314ea52-1309"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
3979d683301177a0991ed0ab9315b90b
14c3e78448590d950673ba4a6826d2e116947078
1b8645d39d194810b8d64d6187592869d426629b3e76c04f15e255b411bdbb37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 00:32:24 GMT
Expires: Thu, 15 Jun 2023 00:32:23 GMT
Etag: "14c3e78448590d950673ba4a6826d2e116947078"
Cache-Control: max-age=480630,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d2665e46fabc-OSL

img.lytuchuang13.com/upload/vod/20220224-1/ce1bfd55fb9287e4e64e75efe8d2e3dc.jpg

154.12.54.75

200 OK

7.4 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-1/ce1bfd55fb9287e4e64e75efe8d2e3dc.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
7.4 kB (7385 bytes)
Hash
4510b3152a7151e04447ac96cd6d50c5
d59a17278ae42506329cffe502a3305e9561b31b
9e865b0d95931a7698a407481b85de754850af4d31c1262d45ba11747145c585

HTTP Headers

GET /upload/vod/20220224-1/ce1bfd55fb9287e4e64e75efe8d2e3dc.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 7385
Last-Modified: Sun, 04 Sep 2022 18:09:42 GMT
Connection: keep-alive
ETag: "6314e9e6-1cd9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-1/f46aab7ac7e1d437e9e4f6fa03fcb5ec.jpg

154.12.54.75

200 OK

6.3 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-1/f46aab7ac7e1d437e9e4f6fa03fcb5ec.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
6.3 kB (6289 bytes)
Hash
55a41608bd4acd6f3e379cc0f772dba7
1c1235f7e81bff744e1fcbcf9ac2f413f3f8f344
b4fbaa6b0a1cba9b723ae153d15c425c981225b3f251d446c4fc6f9dadeccdd9

HTTP Headers

GET /upload/vod/20220224-1/f46aab7ac7e1d437e9e4f6fa03fcb5ec.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 6289
Last-Modified: Sun, 04 Sep 2022 18:09:36 GMT
Connection: keep-alive
ETag: "6314e9e0-1891"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.cn/

47.246.44.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
6ce360080eaceb3270054d0760203e3a
e77556b910592232c25bd7a86f8dfba0f27d91b6
6ced0c43fdde511149b6fee759822971e16da0e7c3a63b08aeed85ba581394b4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 09 Jun 2023 10:51:52 GMT
Ali-Swift-Global-Savetime: 1686307912
Via: cache9.l2de2[272,272,200-0,M], cache9.l2de2[273,0], cache1.se1[295,295,200-0,M], cache1.se1[297,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 09 Jun 2023 10:51:52 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516863079124464219e

img.lytuchuang13.com/upload/vod/20220306-1/dfd9ac9c0a5e5cf8b94e633b0bcd810f.jpg

154.12.54.75

200 OK

5.7 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-1/dfd9ac9c0a5e5cf8b94e633b0bcd810f.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.7 kB (5707 bytes)
Hash
39ca9f4e6c92d3b669a18425225f0231
7fcb9254c8dad2ffb322755c15f88b6c8b536bcc
41b62d7f44df0ebd00b21f4344e518203bab4d170504c5c74375523da43b5212

HTTP Headers

GET /upload/vod/20220306-1/dfd9ac9c0a5e5cf8b94e633b0bcd810f.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 5707
Last-Modified: Sun, 04 Sep 2022 18:07:01 GMT
Connection: keep-alive
ETag: "6314e945-164b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220223-1/6a62bf5ba37802fa5cd893684121a246.jpg

154.12.54.75

200 OK

10 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220223-1/6a62bf5ba37802fa5cd893684121a246.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10452 bytes)
Hash
453badd0597b0a2e3f8b236303432f91
c18e4131fcd5877ce1921e438084c7ccf327ebe2
00e24afc2e4286dd28cc72d6dceedfc9dd2987415e6aac05347bfa0b8efe30e6

HTTP Headers

GET /upload/vod/20220223-1/6a62bf5ba37802fa5cd893684121a246.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 10452
Last-Modified: Sun, 04 Sep 2022 18:12:37 GMT
Connection: keep-alive
ETag: "6314ea95-28d4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220306-1/5e9ce4a4a4b45598844405d786f0588e.jpg

154.12.54.75

200 OK

8.8 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220306-1/5e9ce4a4a4b45598844405d786f0588e.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8825 bytes)
Hash
24772258838b1967401c2d9a79ea817b
b20f900e5b9ce5b1a69aa177bd3d345c95db15ec
fef47c4f180ae72e7861aceddaf9d9d075af6b3fbc5d6ccdd46c0302e0430bdf

HTTP Headers

GET /upload/vod/20220306-1/5e9ce4a4a4b45598844405d786f0588e.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 8825
Last-Modified: Sun, 04 Sep 2022 18:07:35 GMT
Connection: keep-alive
ETag: "6314e967-2279"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220223-1/6dcf5fa45c70a4a080bcf08694e1d7f6.jpg

154.12.54.75

200 OK

12 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220223-1/6dcf5fa45c70a4a080bcf08694e1d7f6.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (11809 bytes)
Hash
e1ff032ff69928c917c8e9dfea9dee43
d94a1d1529dbd27332143d6f60399cde5e6bc43a
5feb1f7ddfff07e0144dba49e54a12c5684b76567453e4b74cef2651be9b272d

HTTP Headers

GET /upload/vod/20220223-1/6dcf5fa45c70a4a080bcf08694e1d7f6.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 11809
Last-Modified: Sun, 04 Sep 2022 18:10:45 GMT
Connection: keep-alive
ETag: "6314ea25-2e21"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

oss-cn-shenzhen.aliyun06062023.com/imgs/y96060_1.gif

172.247.170.197

200 OK

157 kB

URL GET HTTP/1.1
oss-cn-shenzhen.aliyun06062023.com/imgs/y96060_1.gif
IP
172.247.170.197:443
ASN
#40065 CNSERVERS

Requested by
https://www.hntv1165.top/
Certificate
IssuerUnizeto Technologies S.A.
Subjectoss-cn-shenzhen.aliyun06062023.com
Fingerprint11:2C:54:C0:66:DD:45:35:45:3B:66:27:05:BA:D9:5C:BA:EA:92:D7
ValidityMon, 05 Jun 2023 07:25:46 GMT - Thu, 04 Jul 2024 07:25:45 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
157 kB (157267 bytes)
Hash
8e9c3e77855c8e70895f70d5345ba224
40dbe02858024e3f553bdb7ec94e38bfec1648e1
3e15783fcb462dd6e4fe58bfd578ab0591eb3330a9bd41364a59421a598c13a2

HTTP Headers

GET /imgs/y96060_1.gif HTTP/1.1
Host: oss-cn-shenzhen.aliyun06062023.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
ETag: "647da3ed-26653"
Server: nginx
Date: Mon, 05 Jun 2023 12:32:51 GMT
Content-Type: image/gif
Last-Modified: Mon, 05 Jun 2023 08:59:25 GMT
Expires: Wed, 05 Jul 2023 12:32:51 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Age: 339542
X-Cache: HIT from ac web server
Content-Length: 157267

img.lytuchuang13.com/upload/vod/20220223-1/fdb3eec19ea55d1cf6570b8b012d9275.jpg

154.12.54.75

200 OK

8.6 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220223-1/fdb3eec19ea55d1cf6570b8b012d9275.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
8.6 kB (8590 bytes)
Hash
adecdee0cf12465cb0e4ccca31007de9
1b016b536665a532b94c1753ad596049fb47c9d3
4949a7cc4f6294596378d1799b12fdc5055621ad15a07145b16c32f3713142a0

HTTP Headers

GET /upload/vod/20220223-1/fdb3eec19ea55d1cf6570b8b012d9275.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 8590
Last-Modified: Sun, 04 Sep 2022 18:06:44 GMT
Connection: keep-alive
ETag: "6314e934-218e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220223-1/c4b5d9df7b49776c9276f2a642540c21.jpg

154.12.54.75

200 OK

8.9 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220223-1/c4b5d9df7b49776c9276f2a642540c21.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.9 kB (8901 bytes)
Hash
5ec11e7aea6fb6f0d9259c3408ed9dd4
8b553401f685a7020ade1364c4e4787a217b7026
b4d7cbe018ffceab83de16004eb98720eb2f7a3117da58f4d5ad7842771f131e

HTTP Headers

GET /upload/vod/20220223-1/c4b5d9df7b49776c9276f2a642540c21.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 8901
Last-Modified: Sun, 04 Sep 2022 18:13:02 GMT
Connection: keep-alive
ETag: "6314eaae-22c5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-2/d7feec15b1f09e30bd5a969aa980e47b.jpg

154.12.54.75

200 OK

12 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-2/d7feec15b1f09e30bd5a969aa980e47b.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 717x538, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (11580 bytes)
Hash
a287558a57c98e2456106a2517e658cc
8e318e318951c68ed3880254fdf58da8a37e4c4d
a2b4c79a44faeffb4ffe6771c3d0da159b5ae56a9ad84b71ec2c7e12e82d704c

HTTP Headers

GET /upload/vod/20220224-2/d7feec15b1f09e30bd5a969aa980e47b.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 11580
Last-Modified: Sun, 04 Sep 2022 18:07:23 GMT
Connection: keep-alive
ETag: "6314e95b-2d3c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f502bc8cf829c74d75da49691be70dad
9efced87bc62ae82fc81415654b139c3d5781dc2
1f8cb33dc9657fe431c5ed9d44f8d7d54b7925baa3d0e9acb41ca1afa8d34784

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 03:15:11 GMT
Expires: Thu, 15 Jun 2023 03:15:10 GMT
Etag: "9efced87bc62ae82fc81415654b139c3d5781dc2"
Cache-Control: max-age=490397,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d266bd48b51e-OSL

8388tp.com/tp/980x60.gif

162.250.140.188

200 OK

60 kB

URL GET HTTP/1.1
8388tp.com/tp/980x60.gif
IP
162.250.140.188:443
ASN
#62587 ANT-CLOUD

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subject8388tp.com
Fingerprint8A:DF:4D:27:E6:00:94:BE:CA:5C:CC:C0:24:7E:DE:A1:80:C1:C6:7E
ValidityTue, 28 Mar 2023 09:45:41 GMT - Mon, 26 Jun 2023 09:45:40 GMT

File type
GIF image data, version 89a, 980 x 61\012- data
Size
60 kB (60278 bytes)
Hash
2ba7349622b60057c41d48576fe5939d
1e2f5c45487179792c6f01bd3aeeee4dd03d97be
a3b3d9deae6d11647d4b5f693f32f4f823f1e9ffd9cb202010c2ae6447cada07

HTTP Headers

GET /tp/980x60.gif HTTP/1.1
Host: 8388tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Jun 2023 10:51:45 GMT
Content-Type: image/gif
Content-Length: 60278
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2023 07:51:28 GMT
ETag: "64366300-eb76"
Expires: Fri, 16 Jun 2023 09:05:48 GMT
Cache-Control: max-age=2592000
Via: localhost.localdomain
CDN-Cache: HIT
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bf51bc196c074ba9c0a6776df84b7765
e0c2040eea7f12a07c6cd074d1f462375417b8e0
10cbf88e5fccdf4e9d8bde4aa145e223499698ab73069c355e7a4655f50a9301

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 03:35:23 GMT
Expires: Wed, 14 Jun 2023 03:35:22 GMT
Etag: "e0c2040eea7f12a07c6cd074d1f462375417b8e0"
Cache-Control: max-age=405209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d266d84eb521-OSL

img.lytuchuang13.com/upload/vod/20220224-2/219a15e7a880cdc1b3d5e1e3d899a202.jpg

154.12.54.75

200 OK

9.5 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-2/219a15e7a880cdc1b3d5e1e3d899a202.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.5 kB (9462 bytes)
Hash
6aa32a84b9ed23d6316403a0b33c6911
1b5dce30c3e131c6b839de09cb1c683544648dd7
b3bf9678a4decffbe87dc7d609ce1243bbc483c2942e78ae3c7395ddb1ee01cb

HTTP Headers

GET /upload/vod/20220224-2/219a15e7a880cdc1b3d5e1e3d899a202.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 9462
Last-Modified: Sun, 04 Sep 2022 18:07:17 GMT
Connection: keep-alive
ETag: "6314e955-24f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

si1.go2yd.com/get-image/0xmAGT9KS9C

163.171.140.79

200 OK

118 kB

URL GET HTTP/2
si1.go2yd.com/get-image/0xmAGT9KS9C
IP
163.171.140.79:443
ASN
#54994 QUANTILNETWORKS

Requested by
https://www.hntv1165.top/
Certificate
IssuerDigiCert Inc
Subject*.go2yd.com
Fingerprint10:D5:37:C8:91:A2:3A:14:E3:B5:69:9A:33:EE:0B:3E:78:78:29:98
ValidityThu, 23 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT

File type
GIF image data, version 89a, 640 x 200\012- data
Size
118 kB (117593 bytes)
Hash
c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269

HTTP Headers

GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:10 (Cdn Cache Server V2.0)
x-ws-request-id: 64830448_PShlamstdAMS1vj92_12475-22711
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

img.lytuchuang13.com/upload/vod/20220224-4/31a6dddb7ea98baa9bf1afc3ca145165.jpg

154.12.54.75

200 OK

4.5 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-4/31a6dddb7ea98baa9bf1afc3ca145165.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
4.5 kB (4471 bytes)
Hash
c8517e58ed76fef4e40c0025403c1c39
3ad7ea312032f6e5cf25b6e8a96046c637b92b64
c20a03c7b16a7835153ab522df2d37f6ddf06b48bf0a87185803c27c4d2f4cb6

HTTP Headers

GET /upload/vod/20220224-4/31a6dddb7ea98baa9bf1afc3ca145165.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 4471
Last-Modified: Sun, 04 Sep 2022 18:07:25 GMT
Connection: keep-alive
ETag: "6314e95d-1177"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.lytuchuang13.com/upload/vod/20220224-4/844aefea61d792b5b5c97f090e2d8741.jpg

154.12.54.75

200 OK

5.7 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-4/844aefea61d792b5b5c97f090e2d8741.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.7 kB (5727 bytes)
Hash
dda5781eaefaf89f55b01eb00331a8c1
6ffe04a41d5c9e77062e533af14c23787506c3c9
709c88863dd9eaed9f769bdc5eb438b616972f99d22275c232ae77eeaeca42bf

HTTP Headers

GET /upload/vod/20220224-4/844aefea61d792b5b5c97f090e2d8741.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/jpeg
Content-Length: 5727
Last-Modified: Sun, 04 Sep 2022 18:08:06 GMT
Connection: keep-alive
ETag: "6314e986-165f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.mengzhan28.top/loveimgmoe/2a/4e/642ffae50483127e9b602a4e.gif

172.67.68.155

200 OK

451 kB

URL GET HTTP/2
img.mengzhan28.top/loveimgmoe/2a/4e/642ffae50483127e9b602a4e.gif
IP
172.67.68.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
451 kB (450633 bytes)
Hash
037346d130f3454c6ea932e78bffe765
5e5d688db30d3e5a7b06a80717269c88123f54fb
fd8be7b9f286c1e3f8468cc6bf76b047b3e1346a1054f51c2ca732c909337daa

HTTP Headers

GET /loveimgmoe/2a/4e/642ffae50483127e9b602a4e.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:53 GMT
content-type: image/png
content-length: 450633
cache-control: max-age=16070400
last-modified: Thu, 08 Jun 2023 07:58:29 GMT
cf-cache-status: HIT
age: 74145
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv4SrFSjROJhH6ryr3sb5lwsSoIlNoCojeL%2BDxisLDV7b3vJNBZBp4AAwhfniXMZNNcAEkTEGY9eNts2Rc00%2F0XhHa8sgrRwvFE6LRhGcNB8rKFUDl68nEOM3nyz0OG0Ivalbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d268ba45b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
dfed4bd35ff14cf82f0f5ba8da463eb8
771463040c6b4930eac7bcb28451d555a7b6e4c9
6a54cc5b38ed350ad735c741a100dfa298492027ca8a18956c33486e8817dd7a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 17:13:12 GMT
Expires: Wed, 14 Jun 2023 17:13:11 GMT
Etag: "771463040c6b4930eac7bcb28451d555a7b6e4c9"
Cache-Control: max-age=454281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d2689fc7fabc-OSL

img.lytuchuang13.com/upload/vod/20220224-4/d0d50015262ce2514e30b8819c16ef5d.jpg

154.12.54.75

200 OK

6.3 kB

URL GET HTTP/1.1
img.lytuchuang13.com/upload/vod/20220224-4/d0d50015262ce2514e30b8819c16ef5d.jpg
IP
154.12.54.75:443
ASN
#22769 DDOSING-BGP-NETWORK

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectimg.lytuchuang13.com
Fingerprint4A:2E:FE:53:D0:05:BA:40:DC:87:D8:DD:94:39:B8:E0:DE:B4:BB:43
ValiditySat, 29 Apr 2023 13:39:36 GMT - Fri, 28 Jul 2023 13:39:35 GMT

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
6.3 kB (6312 bytes)
Hash
2e3c32b228a75c474e9ab8bf2f618c33
d7089bdeae1bfceebe6949011a12e0a2bc67baa1
3f88a3c2eae4aed1c21e396708c9c3f4f444383fc5d07e3e00913ee01aeb87c2

HTTP Headers

GET /upload/vod/20220224-4/d0d50015262ce2514e30b8819c16ef5d.jpg HTTP/1.1
Host: img.lytuchuang13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:51:53 GMT
Content-Type: image/jpeg
Content-Length: 6312
Last-Modified: Sun, 04 Sep 2022 18:07:25 GMT
Connection: keep-alive
ETag: "6314e95d-18a8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif

121.226.246.3

200 OK

1.3 MB

URL GET HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
IP
121.226.246.3:443
ASN
#4134 Chinanet

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.3 MB (1296026 bytes)
Hash
5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320

HTTP Headers

GET /ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/gif
content-length: 1296026
cache-control: max-age=15552000
expires: Tue, 05 Dec 2023 01:14:34 GMT
last-modified: Sat, 26 Nov 2022 04:47:38 GMT
age: 121037
via: http/1.1 ORI-CLOUD-HUZ-MIX-24 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-23 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1686186874694-0-0-0-99-99;200;200-1686288284929-0-0-0-1-1;200-1686307911574-0-0-0-1-1
X-Firefox-Spdy: h2

kjimg10.360buyimg.com/ott/jfs/t1/96065/36/27822/335945/6380d2bdE11ab9724/63ce772bd832571a.gif

121.226.246.3

200 OK

336 kB

URL GET HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/96065/36/27822/335945/6380d2bdE11ab9724/63ce772bd832571a.gif
IP
121.226.246.3:443
ASN
#4134 Chinanet

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
336 kB (335945 bytes)
Hash
a06fd13e48fb3e56ab6f4eae12348936
566f987d71d4bbe364a9f4fac9c023ea22a6db96
f5b462a221b9c085081817a50cfd0dfd07e72655b3d0c9939568d4b08ed93eb4

HTTP Headers

GET /ott/jfs/t1/96065/36/27822/335945/6380d2bdE11ab9724/63ce772bd832571a.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/gif
content-length: 335945
cache-control: max-age=15552000
expires: Sun, 03 Dec 2023 14:25:39 GMT
last-modified: Fri, 25 Nov 2022 14:35:41 GMT
age: 246372
via: http/1.1 ORI-CLOUD-HUZ-MIX-30 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-23 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1686061539799-0-0-16-100-100;200;200-1686225654541-0-0-1-4-4;200-1686307911940-0-0-0-1-1
X-Firefox-Spdy: h2

shouptt.cn/960x60-3.gif

218.66.171.11

200 OK

624 kB

URL GET HTTP/2
shouptt.cn/960x60-3.gif
IP
218.66.171.11:443
ASN
#133776 Quanzhou

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectshouptt.cn
Fingerprint19:63:93:B7:C6:DE:2E:8B:E5:8D:88:B5:D5:23:29:BE:76:43:53:1C
ValidityTue, 30 May 2023 08:26:29 GMT - Mon, 28 Aug 2023 08:26:28 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
624 kB (624239 bytes)
Hash
0c2b3fdb8fe3d7d704f0cbc849a30108
d55ddccd9418fba968679a15b5a68fc88d5595e8
1cb854c08b3ea3a6f921f05d9c80a65377184ea5e8ac97b1389fc4bf75c2ed13

HTTP Headers

GET /960x60-3.gif HTTP/1.1
Host: shouptt.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: NgxFence
date: Fri, 09 Jun 2023 10:51:51 GMT
content-type: image/gif
content-length: 624239
last-modified: Sun, 16 Apr 2023 07:11:46 GMT
x-rgw-object-type: Normal
etag: "0c2b3fdb8fe3d7d704f0cbc849a30108"
x-amz-request-id: tx000000000000000084a4a-006476d9c0-3dcc3-default
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-headers: *
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

aaaaa366.com/c2e2a03789c44201a16b1828911a8b9f.gif

103.170.15.88

200 OK

611 kB

URL GET HTTP/1.1
aaaaa366.com/c2e2a03789c44201a16b1828911a8b9f.gif
IP
103.170.15.88:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectaaaaa366.com
Fingerprint85:99:AB:E9:57:DB:49:14:72:84:BA:7A:85:A8:F7:1B:F8:53:E9:61
ValidityMon, 27 Mar 2023 00:00:00 GMT - Tue, 26 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
611 kB (610672 bytes)
Hash
bff8a4891c59161a7f141460ef83b9c7
66056037282758ce057100e55472136f18d9b676
e07d9922013984cee96ddae429010076f0bea67cd148d9ec5d0370994ab103ed

HTTP Headers

GET /c2e2a03789c44201a16b1828911a8b9f.gif HTTP/1.1
Host: aaaaa366.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "646ca887-95170"
Date: Fri, 02 Jun 2023 04:03:15 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 23 May 2023 11:50:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 610672

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d8a96f0cc9885bead95ff007801a7ea4
07c32653024814e7597a92632ba68de539b0881e
c072b2619b3e841ab0df9c149a9acbb3ceb1b3bb973738740d96331ac8545ce7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 08:49:51 GMT
Expires: Wed, 14 Jun 2023 08:49:50 GMT
Etag: "07c32653024814e7597a92632ba68de539b0881e"
Cache-Control: max-age=424076,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d269a965b51e-OSL

3p8801.co/xx/960x180.gif

142.4.117.122

200 OK

380 kB

URL GET HTTP/2
3p8801.co/xx/960x180.gif
IP
142.4.117.122:443
ASN
#54600 PEGTECHINC

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subject3p8801.co
FingerprintE6:00:87:5C:D0:2E:7D:8B:7A:9C:69:D6:F5:D6:95:79:0E:22:25:63
ValidityWed, 01 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 180\012- data
Size
380 kB (380151 bytes)
Hash
fe764cb8f0d2241c37ae5a4308f97aec
8fef4c49f912b0a20e2455522ca634bd98cae414
51bbdd9d621a9f02ad69dc5296dae127dfd60f0005f296bf7bc9e28a71b6c8c2

HTTP Headers

GET /xx/960x180.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:51:52 GMT
content-type: image/gif
content-length: 380151
last-modified: Tue, 07 Mar 2023 10:50:19 GMT
etag: "640716eb-5ccf7"
expires: Sun, 09 Jul 2023 10:51:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

static.qwahk.com/960x60.gif

154.39.80.49

200 OK

187 kB

URL GET HTTP/1.1
static.qwahk.com/960x60.gif
IP
154.39.80.49:443
ASN
#174 COGENT-174

Requested by
https://www.hntv1165.top/
Certificate
IssuerBuypass AS-983163327
Subjectstatic.qwahk.com
Fingerprint53:20:3A:5D:3B:DC:AB:26:57:60:C1:C2:0E:A5:1A:D5:E7:12:56:EE
ValidityFri, 09 Jun 2023 02:34:00 GMT - Tue, 05 Dec 2023 22:59:00 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
187 kB (186717 bytes)
Hash
d5c7abafee220d36ad4c23f76d8d428c
31825dedcd230ec6c31b3654c89e3cd35124d327
c25d50eea7fe6b832b3b5a1b3735f5cd9cdd3feb917ca24e9ac82c83bc7ad8b2

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 186717
Content-Type: image/gif;charset=UTF-8
Date: Thu, 27 Apr 2023 06:30:17 GMT
ETag: "1686306382"
Last-Modified: Fri, 09 Jun 2023 10:26:22 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 dianxun232:2 (W), 1.1 PSmgshxSJC1cd36:13 (W)
X-Cache: HIT, server, memory
X-Px: ms PSmgshxSJC1cd36SJC,ms dianxun232000(origin)
X-Reqid: 2019214167228180202304271430178SIVBGrYsampled
X-Ws-Request-Id: 644a1679_PSmgshxSJC1cd36_4616-20202

23-download8868.oss-cn-hongkong.aliyuncs.com/txqp/c92552651a92f9a6dd0abbbd0c871d25.gif

47.56.33.53

200 OK

488 kB

URL GET HTTP/1.1
23-download8868.oss-cn-hongkong.aliyuncs.com/txqp/c92552651a92f9a6dd0abbbd0c871d25.gif
IP
47.56.33.53:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subjectoss-cn-hongkong.aliyuncs.com
Fingerprint5C:54:6A:2A:0F:08:BF:7D:08:9D:A9:9B:21:2F:00:47:89:4F:59:91
ValiditySun, 23 Apr 2023 03:01:18 GMT - Fri, 24 May 2024 03:01:17 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
488 kB (488135 bytes)
Hash
93fe47fe26ceec111ad46eda456f6dd4
05d32558e00211aa4adbf4360ee87f87edd12b5c
4a6e047d0a87d1cf6a4356a939431cda9129846cb556dda1f2a4b3806357d2a4

HTTP Headers

GET /txqp/c92552651a92f9a6dd0abbbd0c871d25.gif HTTP/1.1
Host: 23-download8868.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/gif
Content-Length: 488135
Connection: keep-alive
x-oss-request-id: 6483044723C0543739A40DB0
Accept-Ranges: bytes
ETag: "93FE47FE26CEEC111AD46EDA456F6DD4"
Last-Modified: Sat, 27 May 2023 02:39:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16505922086360346824
x-oss-storage-class: Standard
Content-MD5: k/5H/ibO7BEa1G7aRW9t1A==
x-oss-server-time: 2

uu9665uu.com/68a446f2b8e5464dbbd2c39ea7ba1b32.gif

103.170.15.106

200 OK

694 kB

URL GET HTTP/1.1
uu9665uu.com/68a446f2b8e5464dbbd2c39ea7ba1b32.gif
IP
103.170.15.106:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu9665uu.com
FingerprintB9:6F:2B:FB:AF:FD:7D:F7:E9:5B:8B:3A:08:39:F0:E3:9E:0F:0A:B9
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
694 kB (694427 bytes)
Hash
ca72ead0e8ca04ed5615c1fb5e6b9020
6cbcfc7399d7c5d8b2718e5e30228aef77cb8bef
319d638d71705f3f01a11b97d47256237cfdf836fe2434ce5453e65278d2a055

HTTP Headers

GET /68a446f2b8e5464dbbd2c39ea7ba1b32.gif HTTP/1.1
Host: uu9665uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d85b-a989b"
Date: Mon, 05 Jun 2023 13:04:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:36:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-36
Content-Length: 694427

uu9665uu.com/3428c7312310488297eeb96dc24baefa.gif

103.170.15.106

200 OK

459 kB

URL GET HTTP/1.1
uu9665uu.com/3428c7312310488297eeb96dc24baefa.gif
IP
103.170.15.106:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu9665uu.com
FingerprintB9:6F:2B:FB:AF:FD:7D:F7:E9:5B:8B:3A:08:39:F0:E3:9E:0F:0A:B9
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
459 kB (458890 bytes)
Hash
0d9ad28c5daf9529a41a915bc83b15e3
8d19d6430caf76c6008672013af3021cb1c4288a
646a48b96f107a014723f4110c31191a2f456b89b2e0e9b148b4e74c6a1dd7e6

HTTP Headers

GET /3428c7312310488297eeb96dc24baefa.gif HTTP/1.1
Host: uu9665uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d884-7008a"
Date: Thu, 08 Jun 2023 00:13:40 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:37:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-36
Content-Length: 458890

img.mengzhan28.top/loveimgmoe/d0/aa/643d5b897107458c94e1d0aa.gif

172.67.68.155

200 OK

357 kB

URL GET HTTP/2
img.mengzhan28.top/loveimgmoe/d0/aa/643d5b897107458c94e1d0aa.gif
IP
172.67.68.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
357 kB (356686 bytes)
Hash
66d2fa59067b15b2d766848d131af7ec
b1aba94369e4f17239e928f654303a9f553c3361
0eaa133ce27b3acea8353f6a576509a4af37d876e625096748679f47323093c8

HTTP Headers

GET /loveimgmoe/d0/aa/643d5b897107458c94e1d0aa.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:53 GMT
content-type: image/png
content-length: 356686
cache-control: max-age=16070400
last-modified: Thu, 08 Jun 2023 13:37:45 GMT
cf-cache-status: HIT
age: 50388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdVp07hXLZr9wSWmJkTGQVi%2BtGoJETLg%2B0UhXmAviHdK6P9yqjDwPvm8c72hHKs9aH6pKn9BEvmdlWNiNwhR%2BCq0cagMxl3aPkwe3J8ZNBvvZEkDJkTG3Ir9KcwnospbJrS61A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d26abca8b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kjimg10.360buyimg.com/ott/jfs/t20250608/101872/12/40553/887332/6482aa35Fc6eb04c3/3a8d7e158dfb0b83.gif

121.226.246.3

200 OK

887 kB

URL GET HTTP/2
kjimg10.360buyimg.com/ott/jfs/t20250608/101872/12/40553/887332/6482aa35Fc6eb04c3/3a8d7e158dfb0b83.gif
IP
121.226.246.3:443
ASN
#4134 Chinanet

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
887 kB (887332 bytes)
Hash
0660ebfed414f47907fbb5fa2caa496b
566b01d0ce27f12ce9c269990afc0ed1f61dc485
bd91842e95bd8863ea86156202de193faffffb6a368cd2f2dfbe9f4b025e066d

HTTP Headers

GET /ott/jfs/t20250608/101872/12/40553/887332/6482aa35Fc6eb04c3/3a8d7e158dfb0b83.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:51:53 GMT
content-type: image/gif
content-length: 887332
cache-control: max-age=15552000
expires: Wed, 06 Dec 2023 07:21:11 GMT
last-modified: Fri, 09 Jun 2023 04:27:33 GMT
age: 12642
via: http/1.1 ORI-CLOUD-HUZ-MIX-30 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-17 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1686295271836-0-0-1-38-38;200;200-1686299127770-0-0-0-1-1;200-1686307913087-0-0-0-2-2
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d8a96f0cc9885bead95ff007801a7ea4
07c32653024814e7597a92632ba68de539b0881e
c072b2619b3e841ab0df9c149a9acbb3ceb1b3bb973738740d96331ac8545ce7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 08:49:51 GMT
Expires: Wed, 14 Jun 2023 08:49:50 GMT
Etag: "07c32653024814e7597a92632ba68de539b0881e"
Cache-Control: max-age=424076,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d26b3ebbb521-OSL

uu8658uu.com/5dee9342f7c94dd9942112d6628da1e4.gif

103.170.15.88

200 OK

104 kB

URL GET HTTP/1.1
uu8658uu.com/5dee9342f7c94dd9942112d6628da1e4.gif
IP
103.170.15.88:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu8658uu.com
Fingerprint48:B2:4F:54:B1:B9:58:6B:F0:FE:FB:A6:CC:28:21:17:CA:3E:6D:77
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
104 kB (103955 bytes)
Hash
b2f04eed3bae024688f8b85b71983c41
41c80364f401dfdf69e059c91255029a6612ecaf
268966423378853dd0a1a908b3566c9d517de2497c00f6fe08540241403ddd02

HTTP Headers

GET /5dee9342f7c94dd9942112d6628da1e4.gif HTTP/1.1
Host: uu8658uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d847-19613"
Date: Sat, 03 Jun 2023 02:01:22 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:36:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 103955

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
9e10541cf779d784732725309a6780b0
ab09fcd20420e1b4d2865e601f2ec438f9b5b375
5429a10bd8d09b3c0187caf75c4f2f550555e0573c056f3fee4ad878aef665d0

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:42:08 GMT
ETag: "ab09fcd20420e1b4d2865e601f2ec438f9b5b375"
Last-Modified: Fri, 09 Jun 2023 07:42:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1063
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d26c3baeb4fd-OSL

1cdn.8b4v.cn/xpj96080a.gif

220.200.129.225

200 OK

272 kB

URL GET HTTP/1.1
1cdn.8b4v.cn/xpj96080a.gif
IP
220.200.129.225:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subject1cdn.8b4v.cn
Fingerprint90:2B:E9:98:30:96:6B:87:97:34:B5:C0:36:9A:12:91:81:E6:AF:12
ValidityThu, 13 Apr 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
272 kB (272151 bytes)
Hash
43a32492f5f0cac9660c7ab9d28ced1f
74dc58aad3d5ffc74d5536abda35d554edbd6aa5
b66bc61c4e4348cadf72790bf397b4bb70921196b0c9fb5935c280c354214450

HTTP Headers

GET /xpj96080a.gif HTTP/1.1
Host: 1cdn.8b4v.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 13 Apr 2023 06:41:22 GMT
Etag: "43a32492f5f0cac9660c7ab9d28ced1f"
Content-Type: image/gif
Date: Sun, 04 Jun 2023 02:39:49 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 15860531176344592078
x-cos-request-id: NjQ3YmY5NzVfNWFhZjZkMDlfMTYwYmVfNWFiMGI4Zg==
Content-Length: 272151
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12507270855135134713
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600

xo.imgwawawa.vip/xo/xo120av.gif

162.250.140.99

570 kB

URL
xo.imgwawawa.vip/xo/xo120av.gif
IP
162.250.140.99:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
570 kB (569804 bytes)
Hash
191902ddeb2004b36af31d0be89d8c09
2946b327898354bb8f4675be1a22c2e63dec8d69
ce7a7a27b5d2c285e85a4c306f4f6e21141137b3f592e56bb7a1317babacad97

HTTP Headers

GET /xo/xo120av.gif HTTP/1.1
Host: xo.imgwawawa.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/gif
Content-Length: 569804
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 22:31:03 GMT
ETag: "641398a7-8b1cc"
Expires: Sat, 08 Jul 2023 11:13:31 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
9e10541cf779d784732725309a6780b0
ab09fcd20420e1b4d2865e601f2ec438f9b5b375
5429a10bd8d09b3c0187caf75c4f2f550555e0573c056f3fee4ad878aef665d0

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:42:08 GMT
ETag: "ab09fcd20420e1b4d2865e601f2ec438f9b5b375"
Last-Modified: Fri, 09 Jun 2023 07:42:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1063
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d26c7c05b4fd-OSL

sz88.oss-cn-shenzhen.aliyuncs.com/sz/kg96080a.gif

120.78.115.86

200 OK

346 kB

URL GET HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/sz/kg96080a.gif
IP
120.78.115.86:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
346 kB (345602 bytes)
Hash
6310bd0194df289f34539ff2dfc8a250
960461384c89fb7407b76f72fe1fa519c7cfb60f
faac27a9fb02215321fba3507add99cfa9d4acb02144d8e229436c128e9caa12

HTTP Headers

GET /sz/kg96080a.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: image/gif
Content-Length: 345602
Connection: keep-alive
x-oss-request-id: 6483044838F4A3343772C616
Accept-Ranges: bytes
ETag: "6310BD0194DF289F34539FF2DFC8A250"
Last-Modified: Thu, 16 Mar 2023 07:41:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2217501445958086142
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: YxC9AZTfKJ80U5/y38iiUA==
x-oss-server-time: 2

uu2722uu.com/06b4bb30002946ed8dd9484b7f62c498.gif

103.170.15.72

200 OK

55 kB

URL GET HTTP/1.1
uu2722uu.com/06b4bb30002946ed8dd9484b7f62c498.gif
IP
103.170.15.72:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu2722uu.com
Fingerprint4D:14:09:A9:32:0F:E5:4A:38:53:85:F6:AB:07:D3:23:96:0C:59:A4
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 230 x 140\012- data
Size
55 kB (54561 bytes)
Hash
e5b6da0c1874929295aaf2be3dd4c7b9
e8581791337839f2bc24a487556910380392a775
5141bb632cfb90a646fc53ce156d5c25e8c424471df3828346be66c74a9bacba

HTTP Headers

GET /06b4bb30002946ed8dd9484b7f62c498.gif HTTP/1.1
Host: uu2722uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d9aa-d521"
Date: Fri, 02 Jun 2023 07:25:31 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:42:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 54561

u1055.com/36205fa81bd440869ed0c9813d601b23.gif

103.170.15.36

200 OK

66 kB

URL GET HTTP/2
u1055.com/36205fa81bd440869ed0c9813d601b23.gif
IP
103.170.15.36:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectu1055.com
FingerprintE4:CC:D1:02:C8:EA:6E:33:BA:78:17:6E:04:5C:12:C8:E8:A9:95:6A
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
66 kB (65599 bytes)
Hash
920ccd4abc512e2f0e723e0420737e73
f450d5d7eb86faac9986631e6f470a0565bfa3da
db3eca6b7c98c912bc6443449d84b8ea7199fba5f3e042b8fbd4025f2e934f36

HTTP Headers

GET /36205fa81bd440869ed0c9813d601b23.gif HTTP/1.1
Host: u1055.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6479d083-1003f"
server: nginx
date: Fri, 09 Jun 2023 04:45:44 GMT
content-type: image/gif
last-modified: Fri, 02 Jun 2023 11:20:35 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-26
content-length: 65599
X-Firefox-Spdy: h2

lxbd2.com/f1067f057f9f3415205bc5de44bd7d5b.gif

172.83.155.45

200 OK

57 kB

URL GET HTTP/2
lxbd2.com/f1067f057f9f3415205bc5de44bd7d5b.gif
IP
172.83.155.45:443
ASN
#201106 Spartan Host Ltd

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectlxbd2.com
FingerprintBD:68:BB:10:EC:8E:2A:1F:A1:F9:FA:FF:FA:77:AD:C7:B1:FE:FE:D2
ValiditySat, 27 May 2023 09:34:51 GMT - Fri, 25 Aug 2023 09:34:50 GMT

File type
GIF image data, version 89a, 150 x 150\012- data
Size
57 kB (57111 bytes)
Hash
6a0178169521a422f15a823baccdf4ea
e6afa7d5f446474cf5a6a84b397e68b4429a8bf5
aca290990353c483218ff9c73e3bf6015bb3df13186d9444a28e81de26cfd976

HTTP Headers

GET /f1067f057f9f3415205bc5de44bd7d5b.gif HTTP/1.1
Host: lxbd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:51:53 GMT
content-type: image/gif
content-length: 57111
last-modified: Fri, 31 Mar 2023 06:50:28 GMT
etag: "642682b4-df17"
expires: Fri, 09 Jun 2023 22:51:53 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 148254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o81pSmUIO%2Fx93asJ47W8HPT0n%2Bkcbr%2BWT7oqnkCTbgIOapAp1HrxcxDjuf0EQWBPrMVnA0OvUKZ2wTPvXCrEqQT0E6ag8X0iggqmAs4B5oPmc%2FjvhwbcbsXwyML9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7d17158c0a4cc37b-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

uu3233uu.com/2958f3ceaad14357a37822d976a71ec2.gif

103.170.15.81

200 OK

373 kB

URL GET HTTP/1.1
uu3233uu.com/2958f3ceaad14357a37822d976a71ec2.gif
IP
103.170.15.81:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectuu3233uu.com
Fingerprint70:E8:D7:1F:CD:35:19:CB:9D:B3:67:2C:51:0A:F3:ED:B0:AC:28:84
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
373 kB (373145 bytes)
Hash
5563f9bca4298ccaf17acf201a2eea77
4db1b0a72944ea3a1e7f3dc67ef38675594ceb6e
e5681fbf25ecbb34309b7a29f9c9a0c258ee4ee371f91b7e6fc97dbb40ea7ab0

HTTP Headers

GET /2958f3ceaad14357a37822d976a71ec2.gif HTTP/1.1
Host: uu3233uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6464d940-5b199"
Date: Sun, 04 Jun 2023 06:50:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 17 May 2023 13:40:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-11
Content-Length: 373145

u1010.com/90541e57143246f290e06253ddaf18b6.gif

103.170.15.36

200 OK

92 kB

URL GET HTTP/2
u1010.com/90541e57143246f290e06253ddaf18b6.gif
IP
103.170.15.36:443
ASN
#7483 Skycloud Computing co., Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subjectu1010.com
FingerprintBE:0F:E7:A1:5E:32:BF:CE:5A:07:8B:ED:FF:AB:0C:F7:87:1F:D8:5E
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 250\012- data
Size
92 kB (92331 bytes)
Hash
f2c22b44a3e57235067ffdf42ab56956
7ab721b30dfe82c580a7cfff4c234593c020a7fe
0a1ef6e732ddb873369bbe5805a7e1dcf50cdb2964b7f5ba2715a9bcfb1312ac

HTTP Headers

GET /90541e57143246f290e06253ddaf18b6.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6479cb83-168ab"
server: nginx
date: Wed, 07 Jun 2023 07:45:31 GMT
content-type: image/gif
last-modified: Fri, 02 Jun 2023 10:59:15 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-26
content-length: 92331
X-Firefox-Spdy: h2

1cdn.8b4v.cn/wns96080a.gif

220.200.129.225

200 OK

374 kB

URL GET HTTP/1.1
1cdn.8b4v.cn/wns96080a.gif
IP
220.200.129.225:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://www.hntv1165.top/
Certificate
IssuerSectigo Limited
Subject1cdn.8b4v.cn
Fingerprint90:2B:E9:98:30:96:6B:87:97:34:B5:C0:36:9A:12:91:81:E6:AF:12
ValidityThu, 13 Apr 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
374 kB (374505 bytes)
Hash
61f0a03d052a9fa7c45384a259b5ba2e
d4ee20f085c53882170bf84dedc1f41995e1bd40
e1861e6ff229839c7d15fb0b166069fe773aad508c8d174661a7437e2b45632b

HTTP Headers

GET /wns96080a.gif HTTP/1.1
Host: 1cdn.8b4v.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 13 Apr 2023 06:46:54 GMT
Etag: "61f0a03d052a9fa7c45384a259b5ba2e"
Content-Type: image/gif
Date: Sun, 04 Jun 2023 21:51:17 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 8121941456025080816
x-cos-request-id: NjQ3ZDA3NTVfOWQ0ZmI3MDlfYTk0NF9kNTc3Yjcy
Content-Length: 374505
Accept-Ranges: bytes
X-NWS-LOG-UUID: 13701042872868523070
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600

ia.51.la/go1?id=21298467&rt=1686307911716&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA&ing=1&ekc=&sid=1686307911716&tt=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%252C%25E7%25BB%25B4%25E6%2597%258F%25E4%25BA%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%25BD%2591%25E7%25AB%2599&kw=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%252C%25E7%25BB%25B4%25E6%2597%258F%25E4%25BA%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%25BD%2591%25E7%25AB%2599&cu=https%253A%252F%252Fwww.hntv1165.top%252F&pu=http%253A%252F%252Fwww.needtakehave.com%252F

42.236.73.39

200

0 B

URL GET HTTP/1.1
ia.51.la/go1?id=21298467&rt=1686307911716&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA&ing=1&ekc=&sid=1686307911716&tt=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%252C%25E7%25BB%25B4%25E6%2597%258F%25E4%25BA%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%25BD%2591%25E7%25AB%2599&kw=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%252C%25E7%25BB%25B4%25E6%2597%258F%25E4%25BA%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%25BD%2591%25E7%25AB%2599&cu=https%253A%252F%252Fwww.hntv1165.top%252F&pu=http%253A%252F%252Fwww.needtakehave.com%252F
IP
42.236.73.39:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go1?id=21298467&rt=1686307911716&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA&ing=1&ekc=&sid=1686307911716&tt=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%252C%25E7%25BB%25B4%25E6%2597%258F%25E4%25BA%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%25BD%2591%25E7%25AB%2599&kw=%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E9%25BB%2584%25E8%2589%25B2%25E7%25BD%2591%25E7%25AB%2599www%25E5%25A4%25A9%25E5%25A0%2582%252C%25E4%25B9%2585%25E4%25B9%2585AV%25E5%25BD%25B1%25E9%2599%25A2%252C%25E6%25AF%259B%25E7%2589%2587%25E5%25A4%25A7%25E5%2585%25A8%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%252C%25E7%25BB%25B4%25E6%2597%258F%25E4%25BA%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%25BD%2591%25E7%25AB%2599&cu=https%253A%252F%252Fwww.hntv1165.top%252F&pu=http%253A%252F%252Fwww.needtakehave.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Length: 0
Date: Fri, 09 Jun 2023 10:50:25 GMT

ky891.oss-cn-shenzhen.aliyuncs.com/891-960x80.gif

120.78.115.62

200 OK

314 kB

URL GET HTTP/1.1
ky891.oss-cn-shenzhen.aliyuncs.com/891-960x80.gif
IP
120.78.115.62:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
314 kB (314128 bytes)
Hash
f2392069b09d912dd278685456853eec
cbe28120e2178307b7517013385744447e5f0ade
b53b9df698d6d882040e416be602f7bccd3ef56477b9cf6161ad61bb335e8ebf

HTTP Headers

GET /891-960x80.gif HTTP/1.1
Host: ky891.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 09 Jun 2023 10:51:54 GMT
Content-Type: image/gif
Content-Length: 314128
Connection: keep-alive
x-oss-request-id: 6483044A15E0713631F81303
Accept-Ranges: bytes
ETag: "F2392069B09D912DD278685456853EEC"
Last-Modified: Sun, 02 Apr 2023 12:07:15 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12609623905548799589
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 8jkgabCdkS3SeGhUVoU+7A==
x-oss-server-time: 3

www.hntv1165.top/template/yyys2/common.js

104.21.45.230

200 OK

788 B

URL GET HTTP/3
www.hntv1165.top/template/yyys2/common.js
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (824), with no line terminators
Size
788 B (788 bytes)
Hash
e6e8853300b93936dc039761f15f747f
a806197c265c8cd692f1c00e82ff356f6a536d60
730f281d0fb6dbe5f46c3ddb2bed5464710476890840eb3873b2a072b68cbc6a

HTTP Headers

GET /template/yyys2/common.js HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: application/javascript
last-modified: Thu, 27 Apr 2023 02:44:59 GMT
etag: W/"6449e1ab-314"
expires: Fri, 09 Jun 2023 22:51:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCi83f3rii8Z%2BRSS1zpERUGWTI1tZVIq6%2FGb%2BZM0hcmJosPpdptk4iVfeikFqFXuEdvSxXp1ArWj9UJnCQb2C2FPDS8gccG250h%2BGDxAelrPu0P8V%2BKooZsvFfMsEda0dF0h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d25719f90b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.hntv1165.top/

104.21.45.230

200 OK

361 kB

URL GET HTTP/2
www.hntv1165.top/
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type

Size
361 kB (360693 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:49 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW5dnJqOlhvvQd%2F7OQSkzNny%2FZx71sbEVm4qYS88TZcLaGp074dzacVm8C1naGfRChRbQsLk8DMjQBxQnj8JxMmiMWGI6Qs5YVXZ3K78i04H7BXFjY2Z%2Flro7cDmVi3EzhWF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d251ec72b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.hntv1165.top/template/yyys2/css/ate.css

104.21.45.230

200 OK

76 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/css/ate.css
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
ASCII text, with CRLF line terminators
Size
76 kB (75492 bytes)
Hash
b49992e1f195c8a7fae8874c7484979d
d061a88013db4f88c6e518f5a9aa17a308dee2f1
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

HTTP Headers

GET /template/yyys2/css/ate.css HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:36 GMT
vary: Accept-Encoding
etag: W/"60cca4e8-126e4"
expires: Fri, 09 Jun 2023 22:51:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bOZ4Xd1P6DS5olC1dZGr3Mq4EPeyQcjHKF08Ij9y2DE4eyJuzgC53S33cOHAepvKCA9VOH31i%2B7iLAOKgbWXsMjNk0VMwXlbGE3ayktmtH9wpOCRttYiigctUbKpYk5JpqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d254cf980b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.tz26.xyz:6188/n.js

0.0.0.0

0 B

URL GET
www.tz26.xyz:6188/n.js
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.needtakehave.com/darkfairie/images/Customer/Billing/Address/Verification/secure/customer/center/Amazon.com/error.php
Certificate
IssuerTrustAsia Technologies, Inc.
Subjecttz26.xyz
FingerprintE6:92:B7:A2:91:D5:EE:E3:40:81:CE:4A:15:B3:98:FF:27:91:48:81
ValiditySun, 05 Mar 2023 00:00:00 GMT - Mon, 04 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /n.js HTTP/1.1
Host: www.tz26.xyz:6188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:51:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.hntv1165.top/template/yyys2/js/jquery.config.js

104.21.45.230

200 OK

5.2 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/js/jquery.config.js
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5877), with no line terminators
Size
5.2 kB (5222 bytes)
Hash
0b48b7c6a635b1c2e752f201db388e7c
0a6ef705c7971af223c8092389149aaf79c01f50
29a8cfbaeeda0a36f0fbd9efc73897937513a5f49f5a254181366f062e81df30

HTTP Headers

GET /template/yyys2/js/jquery.config.js HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 20:41:00 GMT
vary: Accept-Encoding
etag: W/"62436edc-1466"
expires: Fri, 09 Jun 2023 22:51:50 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6130PxmHplOrQhmmpLsDP0FQIoLpEoESgk523UIyf3nemG6k9fFhewOKSO50HHT6UwTR5a4cxaWmySrs4YY%2Fkzhf2ucV8PL14l53JY%2BaZbILTAPqAO66KB1HNhcBRljEYPt%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d254dfba0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tupian.baitu1llbkotsfthllcjeg.com/3434/120.ys.xx.gif

172.67.197.54

200 OK

972 kB

URL GET HTTP/2
tupian.baitu1llbkotsfthllcjeg.com/3434/120.ys.xx.gif
IP
172.67.197.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerGoogle Trust Services LLC
Subject*.baitu1llbkotsfthllcjeg.com
Fingerprint03:68:B6:9D:96:2F:97:96:A9:C7:D1:5C:E8:45:78:6A:E5:C5:79:98
ValidityTue, 11 Apr 2023 04:49:32 GMT - Mon, 10 Jul 2023 04:49:31 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
972 kB (972160 bytes)
Hash
f6fc01ff0aaeb96e90677575b2f969ef
af9fb8133e1566f206c92743d33e5ecb60bc048d
e89d3dfe47cb8bfd401ff18dac13fbbb3ac571c9584aa56f27d194720e2e9b66

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /3434/120.ys.xx.gif HTTP/1.1
Host: tupian.baitu1llbkotsfthllcjeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:51:50 GMT
content-type: image/gif
last-modified: Mon, 22 May 2023 11:14:57 GMT
etag: "646b4eb1-ed580"
expires: Wed, 21 Jun 2023 11:15:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1547944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpWlNmvDkWuuKKu%2FcrS44AGdj2VP%2BA4zIYIrB3O6ZnPILaE7RvE1JsFesXMWVjEuVGZ6HkMrmjnOPUtO4BlY7%2BXESFJVfIQ0NByVsmUCEEO%2BhCV6md%2FvwsteWgXjNaZPxohs6%2FEPkYPVRC1Q3fVxNF8vxxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d258d9bab50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xo.imgwawawa.vip/xo/xo120av.gif

162.250.140.99

200 OK

570 kB

URL GET HTTP/1.1
xo.imgwawawa.vip/xo/xo120av.gif
IP
162.250.140.99:443
ASN
#62587 ANT-CLOUD

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjectxo.imgwawawa.vip
Fingerprint93:AD:E7:A5:05:B8:96:CC:BA:97:54:62:5D:D6:4A:15:6A:B8:29:B3
ValidityMon, 05 Jun 2023 11:12:58 GMT - Sun, 03 Sep 2023 11:12:57 GMT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
570 kB (569804 bytes)
Hash
191902ddeb2004b36af31d0be89d8c09
2946b327898354bb8f4675be1a22c2e63dec8d69
ce7a7a27b5d2c285e85a4c306f4f6e21141137b3f592e56bb7a1317babacad97

HTTP Headers

GET /xo/xo120av.gif HTTP/1.1
Host: xo.imgwawawa.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:51:51 GMT
Content-Type: image/gif
Content-Length: 569804
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 22:31:03 GMT
ETag: "641398a7-8b1cc"
Expires: Sat, 08 Jul 2023 11:13:31 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

js.users.51.la/21298467.js

42.236.73.41

200 OK

4.9 kB

URL GET HTTP/1.1
js.users.51.la/21298467.js
IP
42.236.73.41:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://www.hntv1165.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT

File type
ASCII text, with very long lines (5147), with no line terminators
Size
4.9 kB (4898 bytes)
Hash
fa27476387601e30595fbc088892fcd0
69f3cd61104fc49a2346df7b5995104716949873
bca61a9ebfc0978b9ed573c2eedf94d710a42a09e3556aa7ed1a63ddccab3bc9

HTTP Headers

GET /21298467.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Jun 2023 10:51:52 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-store
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

www.hntv1165.top/template/yyys2/html/advertised/advertised.json?refresh=202369Fri%20Jun%2009%202023%2010:51:51%20GMT+0000%20(Coordinated%20Universal%20Time)

104.21.45.230

200 OK

3.2 kB

URL GET HTTP/3
www.hntv1165.top/template/yyys2/html/advertised/advertised.json?refresh=202369Fri%20Jun%2009%202023%2010:51:51%20GMT+0000%20(Coordinated%20Universal%20Time)
IP
104.21.45.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.hntv1165.top/
Certificate
IssuerLet's Encrypt
Subjecthntv1165.top
Fingerprint5F:F8:2A:0B:B5:C1:F8:CD:95:EC:AC:DF:F0:55:CB:56:12:91:65:BA
ValiditySat, 03 Jun 2023 13:21:07 GMT - Fri, 01 Sep 2023 13:21:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (3276), with no line terminators
Size
3.2 kB (3206 bytes)
Hash
2d04aa3fe0a0916c69bce0d655aa8eba
79fb6a0c0e380ee60f68d92586ebc8660a9bf70f
b61e30df78e17cd52c5be4a38a85f9f3911fcbb42616b505464d54253137f098

HTTP Headers

GET /template/yyys2/html/advertised/advertised.json?refresh=202369Fri%20Jun%2009%202023%2010:51:51%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.hntv1165.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.hntv1165.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:51:53 GMT
content-type: application/json
last-modified: Sat, 16 Apr 2022 08:34:36 GMT
etag: W/"625a7f9c-c86"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAfAnQHNkiC9s9pPu6fzbBunXKx7lI9CS6fFw9K31VcpF9FASiwBoC4aI%2F%2Buwub7sJUuACEvj7TQxdfiql7u%2FXV%2FxFd4Dq3aKQxS3pCpD4Z98jvA1Co8uP%2F%2FnNpJbNFk54fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d267fb280b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML