www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
160.124.198.239 632 B URL User Request GET www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
IP 160.124.198.239:0
ASN #132839 POWER LINE DATACENTER
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (950), with CRLF line terminators
Hash 0dbc7c3b1814289575662bec135f1a2f
b4b5dd96386ad4d4738fa608529e669ca267437b
1bd88bba7ec37e41f0e72f19f348e585f2bdc4a4e8b35602de45f81e891eb7e3
GET /fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:41:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.needtakehave.com/tj.js
160.124.198.239200 OK 527 B URL GET HTTP/1.1 www.needtakehave.com/tj.js
IP 160.124.198.239:80
ASN #132839 POWER LINE DATACENTER
Requested by http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
File type ASCII text, with CRLF line terminators
Hash 2900162af1ae7e07b2afd8502cc7b273
b18266f51858cd1c454bc287f06d17880bfe5fc7
d2c4389aa9188b3bb5a7e8891c35e534e673b911a32d4ff919cbeb41d719c98c
GET /tj.js HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:41:27 GMT
Content-Type: application/x-javascript
Content-Length: 527
Connection: keep-alive
www.needtakehave.com/common.js
160.124.198.235200 OK 488 B URL GET HTTP/1.1 www.needtakehave.com/common.js
IP 160.124.198.235:80
ASN #132839 POWER LINE DATACENTER
Requested by http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
File type ASCII text, with very long lines (1070), with no line terminators
Hash 66727ff0dfbb60524ea3558215acb178
ffb76bb5d96ade10e2d28bb03f01f8343758482e
e25fb87e42cbff74ec7a4830aa7dcb8cbec882250139e1c933109960f397d87e
GET /common.js HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:41:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.trust-provider.cn/
47.246.44.205 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5b9eafe11bc0907078797c294779f4bf
b15e95dfd6d3678348647c732c206387e709f9e9
63ae7b20a78bf49778cfdb184d7b7ef3751f5d506ab1877ead04464c8eb8ffb7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 09 Jun 2023 10:51:43 GMT
last-modified: Tue, 06 Jun 2023 18:48:49 GMT
expires: Tue, 13 Jun 2023 18:48:48 GMT
etag: "b15e95dfd6d3678348647c732c206387e709f9e9"
cache-control: max-age=584360,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7d48d22b68c81c2e-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1686307903
via: cache21.l2de2[32,32,304-0,M], cache3.l2de2[34,0], cache2.se1[0,0,200-0,H], cache3.se1[1,0], cache1.se1[3,0]
age: 38
x-cache: HIT TCP_MEM_HIT dirn:3:155186753
x-swift-savetime: Fri, 09 Jun 2023 10:51:43 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516863079413605051e, 2ff62c9516863079413605051e
www.needtakehave.com/favicon.ico
160.124.198.235200 OK 1.2 kB URL GET HTTP/1.1 www.needtakehave.com/favicon.ico
IP 160.124.198.235:80
ASN #132839 POWER LINE DATACENTER
Requested by http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.needtakehave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Apr 2023 07:41:28 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 26 Apr 2023 07:41:28 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
172.67.197.136200 OK 141 kB URL GET HTTP/2 sta2.imgclh.com/imgs/2023/04/03/8fc08c0346fcc0a4.gif
IP 172.67.197.136:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjectimgclh.com
Fingerprint46:4D:17:85:53:DC:4A:39:FC:8F:80:12:FC:5E:8F:89:9F:A8:E3:A7
ValiditySun, 04 Jun 2023 16:42:13 GMT - Sat, 02 Sep 2023 16:42:12 GMT
File type GIF image data, version 89a, 960 x 100\012- data
Size 141 kB (140774 bytes)
Hash f0e441ef3131255acdf935206c0d3635
03e14b2f6c54d3342f389fe5d773ee05e8b809fd
8d23939f6175a7229124ae55c8cd5920f2550138ee3ca273d4c708787d3090af
GET /imgs/2023/04/03/8fc08c0346fcc0a4.gif HTTP/1.1
Host: sta2.imgclh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 140774
last-modified: Mon, 03 Apr 2023 09:16:52 GMT
etag: "642a9984-225e6"
expires: Wed, 28 Jun 2023 12:35:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 944226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4tgWvYl1M4kCXPeAFyvmGfQx5hzQEztdgxSh%2BtOCQjSjvkXm3QY8oWKf4W5LirxRRh%2BRgIEb4U%2BgVrA4vZXdlw5QwIzGwxjTkYFk4ii81IHpGZjvHZ0Wr%2FTtNQb%2BEbrd7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d32afa4bb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hntv2298.top/
188.114.96.1200 OK 56 kB IP 188.114.96.1:443
Requested by http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1164)
Hash 7f15bbc5522829537ec30bcfcd26166e
de5f39bc8d874bd4a71f56e68943213dbd52d660
9ca8b01a7367c376e31175ff732fbc984138f1baa27978e22acca0e1b2be7ee5
GET / HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p2%2BYuLCFF34OJj47DK63NBH9znj%2F96blEdL7qlXT%2Bfif2tygxqHpBj9fi%2BCyu3rvDBNkL5fiKG%2FmQ8%2FRaNjkWr3JewPVRO5YKghPrAUpdok%2FfOUWt4D72qXtw1WspUoYMhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d31d6b49b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 5f8142000c0919d14f2302f5aa20f9db
6b397b31ddc7d0dad2d8b849f5c6d1d3426436db
dd9ac1aea32fbd7fd7c3e0b045266f9672cdf59ccb4148343800bf750ee5b055
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 20:20:15 GMT
Expires: Tue, 13 Jun 2023 20:20:14 GMT
Etag: "6b397b31ddc7d0dad2d8b849f5c6d1d3426436db"
Cache-Control: max-age=379106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d32bc8e9b511-OSL
www.hntv2298.top/template/1/images/logo.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 www.hntv2298.top/template/1/images/logo.png
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type PNG image data, 513 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash 9941dc8ee01b6399b0c2413ce284f0c0
1d1d7ef55139d96e47f86d424330904786a203e7
1c0443009ed4337673219db7c67db08a704b1d757cd65dc43f194f166ab57cc7
GET /template/1/images/logo.png HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/png
content-length: 15130
last-modified: Sat, 15 Apr 2023 09:48:42 GMT
etag: "643a72fa-3b1a"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLl%2BfbjvZEKhZX7pMtvlhS1Y48XQ2xrz9skrwxy1MfVUMk5zps74Itr6KpoM3NRXS7ZZjbskK6gBY%2BQ2FCu6yYi17TfUyxCBcZiqcbJMlq%2BBtW9Yylqy0R7anjP3hmjHVVJH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d3298f99b512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/common.js
188.114.96.1200 OK 701 B URL GET HTTP/3 www.hntv2298.top/template/1/common.js
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
Hash 95a9d35bb0b694135b69461d303ecdae
2a85c9cbc953918d95e154af3b2dea391fdb19c3
d1ea1a568e87a6b2962556f71b5eb3280c5d94a324211744e3d328f41e462c6a
GET /template/1/common.js HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: application/javascript
last-modified: Thu, 20 Apr 2023 10:36:54 GMT
etag: W/"644115c6-31d"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHWynnzy7c7LY7vka3YbjLUY9FLK%2FuMdXto4EjVXlTbhgeGeGxfQ%2BXUyzVxcRNd76VbqLxfgE%2FJfkijbqLNe9BpqtO9geLofmOwH8He97ngdNuSXHhQwm%2BcbCTS7K0Jalby5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d3298f91b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/yptp/y2.gif
188.114.96.1200 OK 38 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/yptp/y2.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Hash 150b3bb2746e620658ec5323aaada6c8
0df82e55e47ca0fac1e8f10ed4c392de5adae684
a5ccd7fe72760b5ab08a158d5e9ae1df4c2304796ee4c8b8a143f360d1604fd7
GET /template/1/tp/yptp/y2.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 38353
last-modified: Sun, 26 Jun 2022 16:40:34 GMT
etag: "62b88c02-95d1"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp2x6hFfskL2VuRMdvzo9zp3P8TzrDRvU8gA2QQRYApD09ewWxEfnx%2Bt4kpy5s0XphO%2B13CM%2FcEE9KK1LfqWMGKM1oMeijSb%2BCBvn6o%2F6L6Q1fm7kSXELSlx9tK30jgmhkqp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329cfe6b512-OSL
alt-svc: h3=":443"; ma=86400
ocsp.buypass.com/
23.36.76.129 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash ed6d1ea995c0124ad649b4b431409e40
3fd2506ee0572902ba09b940da3cd15bb2033e52
6ea6e0e7d2d562dbfa1f583e6231da1fc791a67ac01885a4b65a89ba183161fb
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 3d9528b6-e6f7-402b-83ee-a0aa33af8c52
Content-Length: 1701
Date: Fri, 09 Jun 2023 10:52:24 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307944363_388254845_13178261_5150_626_0_0_-";dur=1
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 01e96873d6f3afcd05454291327e5206
ecc50ac85fd146055fa319a692253f93b0fb7711
6230827697494065fe701e4c308c178af3fbb0631a834389815504ff64191109
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=809
Date: Fri, 09 Jun 2023 10:52:24 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307944433_388255501_75290757_13_351_3_0_-";dur=1
dvcasha2.ocsp-certum.com/
23.36.79.10 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 01e96873d6f3afcd05454291327e5206
ecc50ac85fd146055fa319a692253f93b0fb7711
6230827697494065fe701e4c308c178af3fbb0631a834389815504ff64191109
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=883
Date: Fri, 09 Jun 2023 10:52:24 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307944425_388255494_240924669_835_393_2_0_-";dur=1
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash fa2edb665a14de3fedb535c5d6845999
0d9f59cced2977cbb508ca62b08430c187e0385e
88e883d7181df5dfb9a5e6b501b59006b257f344e000c97e63465555c8a4d362
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 17:14:54 GMT
Expires: Thu, 15 Jun 2023 17:14:53 GMT
Etag: "0d9f59cced2977cbb508ca62b08430c187e0385e"
Cache-Control: max-age=540853,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d32c7c06b50b-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 72123cab9c00029ab4c89d4aa3d86b91
7929512b90bd617faef44cd0f465a8977bcca7a9
70d8c7a049c87016f36c107ea5f4407c15e52c1a4bbcae2acd06e2a93d5eecc2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 09:12:11 GMT
ETag: "7929512b90bd617faef44cd0f465a8977bcca7a9"
Last-Modified: Fri, 09 Jun 2023 09:12:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2194
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d32cdf34b4f4-OSL
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash ad2d81fc8f9b6e3a222fef56c6e1b133
ec25518bc3668d303fac49863e1231420b0b899d
cd619d9c9f463d62f6e1737c6355b01257b9bbb9bab9d4463539c3deefa1beaf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 11:21:56 GMT
Expires: Wed, 14 Jun 2023 11:21:55 GMT
Etag: "ec25518bc3668d303fac49863e1231420b0b899d"
Cache-Control: max-age=433391,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d32cdca2b50b-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash ce0e085df771f251a8d54ec491e5b52f
366ea30861348a5dd5350518f1a562395d0ed8f7
d412ae8081e7b0cb8fc836d7a60643aac4d484a87e3b8eeeb8a352394791721c
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:34:47 GMT
ETag: "366ea30861348a5dd5350518f1a562395d0ed8f7"
Last-Modified: Fri, 09 Jun 2023 07:34:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 37
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d32d2b040afa-OSL
www.hntv2298.top/template/1/tp/zbdtp/a4.gif
188.114.96.1200 OK 86 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/zbdtp/a4.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 640 x 200\012- data
Hash 2fb46fbac4465a3915ee2482b2223c25
6bb17db9f8c5517bfe21f4a54480c3fec3629adb
56eed647be7230eb7ba9fd7f3cee377e9636395207e26479ba10de9cecf8f637
GET /template/1/tp/zbdtp/a4.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 86199
last-modified: Sun, 26 Jun 2022 16:41:40 GMT
etag: "62b88c44-150b7"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGFpICi79BoXBhmejF4tlDmjnmjZfoEZjF%2B5p2%2Fj68Xjs9y0dSuObCbu80U%2BwNTkl5rbmcOo2v94KIFPigR%2BK9z4Q%2B%2Fqp7zJY53eH0g%2FLIlnQWs%2B1pWPn3ufBnqp3k0K8eyu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329afc0b512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/ad/100X100.gif
188.114.96.1200 OK 74 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/ad/100X100.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 100 x 100\012- data
Hash 60ef912b81459e301b692ab85ec83bc2
ee81be8bcacd826483e47c228ee19754e4b25b89
cbc2a42e0a215c851fac163738fa9739b29be158ffc51e81844e1bc2cc427dd1
GET /template/1/tp/ad/100X100.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 73679
last-modified: Sat, 03 Sep 2022 08:44:36 GMT
etag: "631313f4-11fcf"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZL2v3HlAz9kPwB%2BbcAZD561Do7ac%2F4%2Bj%2FR2JxDasLoRMyc%2BrKHzH%2B9x5LrNeiMxHz4omdQ8XeklWcV5wVvGC2F%2FFBeyHjVvRgBahDBks6x8nnfvSqIa8iMcVYlQ9up6T86p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329cfe7b512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/yptp/y3.gif
188.114.96.1200 OK 67 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/yptp/y3.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Hash e0f20c3626cccf9e26c0d8969d2032f8
5b076b7a6a320d326920affcb3945737ef7e91e3
da30a87446a82d8a33d0ef3b40665bfa5396b98f9029e636b2f8517655475bbc
GET /template/1/tp/yptp/y3.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 66982
last-modified: Sun, 26 Jun 2022 16:40:36 GMT
etag: "62b88c04-105a6"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh2JLcsaBMNblALh7tDRYykfCC9eBZgOVK47bVUd4PjziWEsju5fEibpyLOKg96WPGdOGR1qYStwhss7U8d%2FDQiqRc5rKcf3YMsFUa3sgrM8b6SpOFN78fjWqtzWCpxZiqCu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329cfe3b512-OSL
alt-svc: h3=":443"; ma=86400
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash ea58056040025316009ec8a48505f918
9af2d8e0bcdf47ec4167618be1bbb64def85f3ca
c7b545f9d1d1a718c48a0c74445bcdb2e8cbdea590f82b5deffccc2a9e6235cc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 08:42:17 GMT
Expires: Wed, 14 Jun 2023 08:42:16 GMT
Etag: "9af2d8e0bcdf47ec4167618be1bbb64def85f3ca"
Cache-Control: max-age=423591,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d32c89e6b511-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 87dbbed0bc4d9e5bee3b8b8d46604e6f
3b4785d81de307f781507cd7758ec2869bfe893f
85a36d53cc99e1b75a2a0759db20c7798f9253629b4fecf4bad7b6dad763782a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:04:35 GMT
ETag: "3b4785d81de307f781507cd7758ec2869bfe893f"
Last-Modified: Fri, 09 Jun 2023 07:04:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3189
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d32d987db4f4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 87dbbed0bc4d9e5bee3b8b8d46604e6f
3b4785d81de307f781507cd7758ec2869bfe893f
85a36d53cc99e1b75a2a0759db20c7798f9253629b4fecf4bad7b6dad763782a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:04:35 GMT
ETag: "3b4785d81de307f781507cd7758ec2869bfe893f"
Last-Modified: Fri, 09 Jun 2023 07:04:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3189
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d32dd8d2b4f4-OSL
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash 8e5e8d129204dfb8c323cd524ea4470f
13cde069ee6bdf385ea441e8a57e9a8c460f9102
7ca339e7e397c83bbda39ae89b78679b80712fb583903d134ba7f2b8709d8e5e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 00:15:26 GMT
Expires: Tue, 13 Jun 2023 00:15:25 GMT
Etag: "13cde069ee6bdf385ea441e8a57e9a8c460f9102"
Cache-Control: max-age=306780,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d32dcba0b511-OSL
pic1.semaobf1.com/20220525/C63CD3345D04F6C4/C63CD3345D04F6C4.jpg
109.122.211.21200 OK 9.2 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/C63CD3345D04F6C4/C63CD3345D04F6C4.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 0823215293b32d344b842d1a23019d56
52d1e5bc1e1d0988f7398e5be12e06d49f2ab8b9
91d6f32354eae884ff57fd0f8b5a78743630afed63b06a6e1dbd9decccabab86
GET /20220525/C63CD3345D04F6C4/C63CD3345D04F6C4.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: image/jpeg
Content-Length: 9236
Last-Modified: Wed, 07 Sep 2022 12:52:40 GMT
Connection: keep-alive
ETag: "63189418-2414"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.hntv2298.top/template/1/tp/yptp/y5.gif
188.114.96.1200 OK 105 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/yptp/y5.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 105 kB (104937 bytes)
Hash 97ccd094e782c64495d9b3438b4b98a5
31421a4dad004c0710884cc8b1c9b4a6db6aaff4
1278e36837250a306cd5669deec1b6e57c7d4a9379c87147865c1e88e9a23344
GET /template/1/tp/yptp/y5.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 104937
last-modified: Sun, 26 Jun 2022 16:40:40 GMT
etag: "62b88c08-199e9"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Il%2FfVroCeiYt01xZ%2BHoCXJY1NTYengkAG5HwgNTRHwtdq8PjLBBdcKUNQPvIWifSTYHKDBXVrymqtsLQDPwZ9io2gX79V%2FLT1bAceHAYR0Fg4qcQzkA7tm%2F%2F9XVoJyKnFhfJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329afcbb512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/yptp/y1.gif
188.114.96.1200 OK 105 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/yptp/y1.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 105 kB (105007 bytes)
Hash 8addcd5a8672c743ab9d7c3728939025
ec5378c74c297e54484cf0f6e955cb27fe036b05
9a9675e295a3047370252c4fa1323fbcd71d8357e22d74b1cbed41178f76e2c3
GET /template/1/tp/yptp/y1.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 105007
last-modified: Sun, 26 Jun 2022 16:40:34 GMT
etag: "62b88c02-19a2f"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZuhzlhR7YlvwaH1aza9PNL6KIYqZnChWpCdJjTlMxPSBm%2FkxbndqjBwFCGr2alz4k4%2FJB2Lg%2FGNEFeW8MoDo4h2Huv1LhAxCs37wZ%2BMcayyg2iB54eZIh30F2MaDeqc1AcU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329cfe9b512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/zbdtp/a1.gif
188.114.96.1200 OK 70 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/zbdtp/a1.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Hash 70b900242fdade2c9b1be5742d96f0f0
a5d5f1d689289683caccb6552356be7759051cab
8a9c1d22ef7b0c76959e0be485db3db50fe2fcec85e77286124a0d842951e1c1
GET /template/1/tp/zbdtp/a1.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 69896
last-modified: Sun, 26 Jun 2022 16:41:40 GMT
etag: "62b88c44-11108"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKCovHq%2FnFqd3ckUD55X6Az62ER3epL2W9i2gmq1DgBZ%2F7PbttIG6iVh8HvyKVTogHL7BOC5etDGzhLWUjmebgzTZP6Z5x%2BUcSIy3YNudFAYAulzNnnobalbaMQIHLIjkD8a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329afc4b512-OSL
alt-svc: h3=":443"; ma=86400
pic1.semaobf1.com/20220525/AB333441413F1AF6/AB333441413F1AF6.jpg
109.122.211.21200 OK 12 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/AB333441413F1AF6/AB333441413F1AF6.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash aeac96b329347e5989bb1244de3acaf4
4bbe4ccfc21cd6d36ddcdc8cc95a8bbf92851147
76eb5a05cbe58f23809d22c188482e700c7f87ee7c93033b38d5c4461946748d
GET /20220525/AB333441413F1AF6/AB333441413F1AF6.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: image/jpeg
Content-Length: 12058
Last-Modified: Wed, 07 Sep 2022 12:52:18 GMT
Connection: keep-alive
ETag: "63189402-2f1a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220525/5048A2A87B673EB6/5048A2A87B673EB6.jpg
109.122.211.21200 OK 11 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/5048A2A87B673EB6/5048A2A87B673EB6.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash eaaccf7817a4492188d63fd274ed6e11
5d5bfcf7c9bbdbe1ac0d64cd5874b2e244138a30
b13e9fbb1be75ff4d2411e07b217479d650cb2becb492b6f66bafd4398ff134a
GET /20220525/5048A2A87B673EB6/5048A2A87B673EB6.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: image/jpeg
Content-Length: 11036
Last-Modified: Wed, 07 Sep 2022 14:58:04 GMT
Connection: keep-alive
ETag: "6318b17c-2b1c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 1fdcfd0235189fd19a10f9c9a37391ce
8d1b321c47e6f7626a121c22fd365985cfea486e
d9bb91a3aa79e027da5fb8d11271aa8e141a578ea54575e55231598071e54f40
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=809
Date: Fri, 09 Jun 2023 10:52:24 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307944771_388255501_75290761_394_367_2_0_-";dur=1
www.hntv2298.top/template/1/tp/yptp/y4.gif
188.114.96.1200 OK 135 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/yptp/y4.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 650 x 200\012- data
Size 135 kB (134963 bytes)
Hash 49ebeb91c6dbf5eaf2e519a85e6156ca
6c5f849fd2a5593f0c1e04d0d45249d221a5bcb4
8af438fa2e1adfe8be24973c3b497bbf5b3205357dd6832701dedfbcb0c90c2f
GET /template/1/tp/yptp/y4.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 134963
last-modified: Sun, 26 Jun 2022 16:40:38 GMT
etag: "62b88c06-20f33"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEtxqoxgRkxE5zajmZP2vnumsPvCT0%2Fts35XXPp8nLaSGZagLuz%2F%2BuyNvU4YhV8%2BNPfXVlIB4yH0bt%2Bwg1aXz69g2dChoPqQp8Zzz8hJBg3gYfVZPUHCuv5QZ4mt6ILzLVT5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d32a485eb512-OSL
alt-svc: h3=":443"; ma=86400
img.1382a.xyz/images/647cfc9d932fd87e9e9daef2.gif
103.166.246.24302 Found 0 B URL GET HTTP/2 img.1382a.xyz/images/647cfc9d932fd87e9e9daef2.gif
IP 103.166.246.24:443
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subject1382a.xyz
Fingerprint2F:7B:73:BE:01:0D:33:87:AA:41:30:22:74:03:60:37:A0:49:9E:C8
ValidityWed, 10 May 2023 09:16:31 GMT - Tue, 08 Aug 2023 09:16:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/647cfc9d932fd87e9e9daef2.gif HTTP/1.1
Host: img.1382a.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=1800
location: https://img.mengzhan28.top/loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif
X-Firefox-Spdy: h2
tupian.baitu1llbkotsfthllcjeg.com/3434/120.ys.xx.gif
172.67.197.54200 OK 974 kB URL GET HTTP/2 tupian.baitu1llbkotsfthllcjeg.com/3434/120.ys.xx.gif
IP 172.67.197.54:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subject*.baitu1llbkotsfthllcjeg.com
Fingerprint03:68:B6:9D:96:2F:97:96:A9:C7:D1:5C:E8:45:78:6A:E5:C5:79:98
ValidityTue, 11 Apr 2023 04:49:32 GMT - Mon, 10 Jul 2023 04:49:31 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 974 kB (974467 bytes)
Hash 33452a9261b8b5e8b9f109c8e7b3f58d
5c8d3bed653b048da84aac56c72b0fd698df6284
674587a0d6ea11d8cdb3b8a5a508331f1dc750d5a476a4be187d892f96c1d7a9
Analyzer Verdict Alert quad9 Sinkholed
GET /3434/120.ys.xx.gif HTTP/1.1
Host: tupian.baitu1llbkotsfthllcjeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:23 GMT
content-type: image/gif
last-modified: Mon, 22 May 2023 11:14:57 GMT
etag: "646b4eb1-ed580"
expires: Wed, 21 Jun 2023 11:15:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1547977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJNJiuY9do%2FIln9nLitc7g7XmtRuwTXb7pQZ%2Fx2Qhz%2FQr4OivrVvm4Ld0QdADcOXwfaLa5BVd3imWTWP%2BN44cotxQV8s3oGbgLhRRCkLUr%2FdodNi03JHtM4nLglqb1KRAJ4%2FL2lJ0dhhAqMfUazIvawNEBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329de9db521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
8388tp.com/tp/980x60.gif
156.232.92.28200 OK 60 kB IP 156.232.92.28:443
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subject8388tp.com
Fingerprint8A:DF:4D:27:E6:00:94:BE:CA:5C:CC:C0:24:7E:DE:A1:80:C1:C6:7E
ValidityTue, 28 Mar 2023 09:45:41 GMT - Mon, 26 Jun 2023 09:45:40 GMT
File type GIF image data, version 89a, 980 x 61\012- data
Hash 2ba7349622b60057c41d48576fe5939d
1e2f5c45487179792c6f01bd3aeeee4dd03d97be
a3b3d9deae6d11647d4b5f693f32f4f823f1e9ffd9cb202010c2ae6447cada07
GET /tp/980x60.gif HTTP/1.1
Host: 8388tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Jun 2023 10:55:34 GMT
Content-Type: image/gif
Content-Length: 60278
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2023 07:51:28 GMT
ETag: "64366300-eb76"
Expires: Fri, 16 Jun 2023 09:05:49 GMT
Cache-Control: max-age=2592000
Via: localhost.localdomain
CDN-Cache: HIT
Accept-Ranges: bytes
www.hntv2298.top/template/1/tp/yptp/y6.gif
188.114.96.1200 OK 175 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/yptp/y6.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 175 kB (174979 bytes)
Hash 393f3a0903be09ce5308f2214cb6f267
abc58cb591a767ad3f35ee50a636b737ec69e1dc
008f2fc4c5561fefc90714a30ab629f086302dd848cb3a7dfde80f1f6a71338a
GET /template/1/tp/yptp/y6.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 174979
last-modified: Sun, 26 Jun 2022 16:40:42 GMT
etag: "62b88c0a-2ab83"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Qea6dxj5HvP%2FZM%2FNTO2ZLxXhMOrR%2BEOx72H4ci92rM8OPGevc%2FIxGkfX5HlC0jIpY7S7kkddMovz%2Fwt6%2FZc7eLeKP%2F0H%2Bxytj5ETh9OcrLaCGKkHoQbpE10HHAjw1e%2FsDPj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329cfe8b512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/zbdtp/a2.gif
188.114.96.1200 OK 612 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/zbdtp/a2.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 640 x 150\012- data
Size 612 kB (611850 bytes)
Hash 6ed3dcf7e739969e0d5460b5f07e661f
1954523b227b8fa235e3eed0948749ae7af2f9f5
f97cf559b37c6f33ecef4712c699e88217c64aa85abbf919fa772daaf3a49e0a
GET /template/1/tp/zbdtp/a2.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 611850
last-modified: Sun, 26 Jun 2022 15:29:12 GMT
etag: "62b87b48-9560a"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=780arelOXZou1YWe2QQKP6%2BcWNBbs8XR2Mg1T8uK%2Fo%2FAdecB3y%2FH9j7PKH1D68fHnIAwnSAWOONj%2F4SX4vqZY%2FfTUctrR%2FFK%2FeotQPlFyv4nec6spZNwjAOTO%2Bbib5xMTV0o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329bfceb512-OSL
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/tp/zbdtp/a3.gif
188.114.96.1200 OK 691 kB URL GET HTTP/3 www.hntv2298.top/template/1/tp/zbdtp/a3.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type GIF image data, version 89a, 640 x 200\012- data
Size 691 kB (691201 bytes)
Hash e777fbf270544cb526b587f6c9e7b370
d2c75be6512b6a1279e91d5d6d99fa18920ef878
13a0a7ac347346c7bf57699606465257d349ff14861dfa911ef397bfcbda91b2
GET /template/1/tp/zbdtp/a3.gif HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 691201
last-modified: Sun, 26 Jun 2022 15:29:18 GMT
etag: "62b87b4e-a8c01"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEAR7Zt663IYUCkhQ%2FVLA1FZCw7lB0BHg0yIT11S2aYb3hQ8xEdd7Z53qXRQm2vml9VsuMFgbqMZ0bF0kpEAM1uClOCw2z9yeK6v%2FJIZ%2Bo5HJNEBUfhqsZA8aOHFxRr%2F0v3K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d329afc8b512-OSL
alt-svc: h3=":443"; ma=86400
static.qwahk.com/960x60.gif
154.39.80.127200 OK 187 kB URL GET HTTP/1.1 static.qwahk.com/960x60.gif
IP 154.39.80.127:443
Requested by https://www.hntv2298.top/
Certificate IssuerBuypass AS-983163327
Subjectstatic.qwahk.com
Fingerprint53:20:3A:5D:3B:DC:AB:26:57:60:C1:C2:0E:A5:1A:D5:E7:12:56:EE
ValidityFri, 09 Jun 2023 02:34:00 GMT - Tue, 05 Dec 2023 22:59:00 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 187 kB (186717 bytes)
Hash d5c7abafee220d36ad4c23f76d8d428c
31825dedcd230ec6c31b3654c89e3cd35124d327
c25d50eea7fe6b832b3b5a1b3735f5cd9cdd3feb917ca24e9ac82c83bc7ad8b2
GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 186717
Content-Type: image/gif;charset=UTF-8
Date: Thu, 27 Apr 2023 06:30:17 GMT
ETag: "1686306382"
Last-Modified: Fri, 09 Jun 2023 10:26:22 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 dianxun232:2 (W), 1.1 PSmgshxSJC1cd36:13 (W)
X-Cache: HIT, server, memory
X-Px: ms PSmgshxSJC1cd36SJC,ms dianxun232000(origin)
X-Reqid: 2019214167228180202304271430178SIVBGrYsampled
X-Ws-Request-Id: 644a1679_PSmgshxSJC1cd36_4616-20202
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash 3c6ecca04d76a9b19372202623a69187
d1bd89b285a5d11fb98177d63be49863ef280cf0
1a126e648a3e17583ff647188b2a4dc43701ba3e8257dded73609074a28437ab
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Jun 2023 09:17:02 GMT
Expires: Fri, 16 Jun 2023 09:17:01 GMT
Etag: "d1bd89b285a5d11fb98177d63be49863ef280cf0"
Cache-Control: max-age=598808,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d3309f03b511-OSL
3p8801.co/xx/960x180.gif
142.4.117.122200 OK 380 kB IP 142.4.117.122:443
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject3p8801.co
FingerprintE6:00:87:5C:D0:2E:7D:8B:7A:9C:69:D6:F5:D6:95:79:0E:22:25:63
ValidityWed, 01 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 180\012- data
Size 380 kB (380151 bytes)
Hash fe764cb8f0d2241c37ae5a4308f97aec
8fef4c49f912b0a20e2455522ca634bd98cae414
51bbdd9d621a9f02ad69dc5296dae127dfd60f0005f296bf7bc9e28a71b6c8c2
GET /xx/960x180.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 380151
last-modified: Tue, 07 Mar 2023 10:50:19 GMT
etag: "640716eb-5ccf7"
expires: Sun, 09 Jul 2023 10:52:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.mengzhan28.top/loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif
172.67.68.155200 OK 453 kB URL GET HTTP/2 img.mengzhan28.top/loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif
IP 172.67.68.155:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjectmengzhan28.top
Fingerprint68:21:66:FE:9F:A9:A6:83:A2:CD:8E:D5:D4:EE:3F:03:B3:01:B9:8A
ValidityThu, 08 Jun 2023 07:25:25 GMT - Wed, 06 Sep 2023 07:25:24 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 453 kB (453068 bytes)
Hash 78e489cfa5928f3c7b3491d808eea938
4651530964a8c481daae8ebc7aeb186e962d4bbc
6f39b580ed16e54e84be7cb45ed96c0d853a0625b51743bb8544d9c1d81f7ecf
GET /loveimgmoe/ea/b7/6426fa1c27ec65ebc7a0eab7.gif HTTP/1.1
Host: img.mengzhan28.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:25 GMT
content-type: image/png
content-length: 453068
cache-control: max-age=16070400
last-modified: Thu, 08 Jun 2023 09:23:54 GMT
cf-cache-status: HIT
age: 74177
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKvrLA%2FQX8woTjcZ9Ahw8RjPsSt8ZE2y43pAMXC%2BklO6apOMRbaEEF7fBdskVY1ffEG9BjplO0OzWMA6OtCom9PoZcDZfeKAij8Js1h%2FBwbF9uqLGwFrPNt9XoBVtdDF1ByWOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d48d3315863b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
u1077.com/23fb7928540b41af825f090ccd3edb68.gif
103.170.15.51200 OK 275 kB URL GET HTTP/2 u1077.com/23fb7928540b41af825f090ccd3edb68.gif
IP 103.170.15.51:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectu1077.com
Fingerprint1F:25:A3:02:EC:12:0A:DA:01:DC:46:2D:79:0E:BC:6B:38:67:34:C8
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 60\012- data
Size 275 kB (274664 bytes)
Hash d7555bd6a51de954aca541a1dc4b3ffc
b86d01481b211a9e23bad62b965ce68cdf5e65d6
b07420d94529e7f33e57eee8755a46c48f97ec8ad432474f7fea5b87022893a2
GET /23fb7928540b41af825f090ccd3edb68.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6478776c-430e8"
server: nginx
date: Thu, 08 Jun 2023 11:32:25 GMT
content-type: image/gif
last-modified: Thu, 01 Jun 2023 10:48:12 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-41
content-length: 274664
X-Firefox-Spdy: h2
xo.imgwawawa.vip/xo/xo120av.gif
162.250.140.182 570 kB URL xo.imgwawawa.vip/xo/xo120av.gif
IP 162.250.140.182:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 570 kB (569804 bytes)
Hash 191902ddeb2004b36af31d0be89d8c09
2946b327898354bb8f4675be1a22c2e63dec8d69
ce7a7a27b5d2c285e85a4c306f4f6e21141137b3f592e56bb7a1317babacad97
GET /xo/xo120av.gif HTTP/1.1
Host: xo.imgwawawa.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: image/gif
Content-Length: 569804
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 22:31:03 GMT
ETag: "641398a7-8b1cc"
Expires: Sat, 08 Jul 2023 11:10:17 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
u55011.com/c92552651a92f9a6dd0abbbd0c871d25.gif
45.151.135.43200 OK 379 kB URL GET HTTP/2 u55011.com/c92552651a92f9a6dd0abbbd0c871d25.gif
IP 45.151.135.43:443
ASN #201106 Spartan Host Ltd
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectu55011.com
FingerprintB4:E5:26:06:C5:A0:0E:B1:9D:5D:4B:47:AB:55:62:42:12:44:A9:B5
ValidityWed, 10 May 2023 13:05:44 GMT - Tue, 08 Aug 2023 13:05:43 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 379 kB (379124 bytes)
Hash b2838aa5b81ed9695a7e0fe0246ef70a
8e05bad50515e39644662d0b0e129466257e997c
2f683cc2f4c30845ec141f830b4f45ba4b6c15421d4e035a4478e4ce188c1ac0
GET /c92552651a92f9a6dd0abbbd0c871d25.gif HTTP/1.1
Host: u55011.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 379124
last-modified: Thu, 11 May 2023 14:31:19 GMT
etag: "645cfc37-5c8f4"
expires: Fri, 07 Jul 2023 07:51:41 GMT
cache-control: max-age=2592000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
1cdn.8b4v.cn/wns96080a.gif
220.200.129.225200 OK 374 kB URL GET HTTP/1.1 1cdn.8b4v.cn/wns96080a.gif
IP 220.200.129.225:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject1cdn.8b4v.cn
Fingerprint90:2B:E9:98:30:96:6B:87:97:34:B5:C0:36:9A:12:91:81:E6:AF:12
ValidityThu, 13 Apr 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 374 kB (374505 bytes)
Hash 61f0a03d052a9fa7c45384a259b5ba2e
d4ee20f085c53882170bf84dedc1f41995e1bd40
e1861e6ff229839c7d15fb0b166069fe773aad508c8d174661a7437e2b45632b
GET /wns96080a.gif HTTP/1.1
Host: 1cdn.8b4v.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Thu, 13 Apr 2023 06:46:54 GMT
Etag: "61f0a03d052a9fa7c45384a259b5ba2e"
Content-Type: image/gif
Date: Sun, 04 Jun 2023 21:51:17 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 8121941456025080816
x-cos-request-id: NjQ3ZDA3NTVfOWQ0ZmI3MDlfYTk0NF9kNTc3Yjcy
Content-Length: 374505
Accept-Ranges: bytes
X-NWS-LOG-UUID: 3509846022545947830
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600
u25022.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
45.151.135.43200 OK 566 kB URL GET HTTP/2 u25022.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 45.151.135.43:443
ASN #201106 Spartan Host Ltd
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectu25022.com
FingerprintE7:1E:3C:DC:C1:14:60:85:D8:DA:20:C4:10:09:CE:24:1F:7B:19:50
ValiditySun, 14 May 2023 08:00:59 GMT - Sat, 12 Aug 2023 08:00:58 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: u25022.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 565615
last-modified: Sun, 14 May 2023 08:27:12 GMT
etag: "64609b60-8a16f"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
mross022.com/bb7f858c0dad171784517c02e7bff891.gif
45.151.135.43200 OK 374 kB URL GET HTTP/2 mross022.com/bb7f858c0dad171784517c02e7bff891.gif
IP 45.151.135.43:443
ASN #201106 Spartan Host Ltd
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectmross022.com
Fingerprint70:25:B6:EB:77:E1:59:7D:DB:EF:8F:93:A8:BB:E3:80:8D:9D:69:A3
ValidityFri, 19 May 2023 10:44:33 GMT - Thu, 17 Aug 2023 10:44:32 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 374 kB (373739 bytes)
Hash 5a95e6e7e766c8182da57c63be2d74aa
05d3bb1e7694cc7e19b8ad33becc1f795200b02e
8b5db8afc46d038454fe425c5b6fa8e5e90524fe1da1a3f1b1e7c6338d3a80a3
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: mross022.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 373739
last-modified: Sun, 14 May 2023 08:34:58 GMT
etag: "64609d32-5b3eb"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
mross033.com/3926e27b41bff9ce2b6af510d5d52105.gif
45.151.135.43200 OK 382 kB URL GET HTTP/2 mross033.com/3926e27b41bff9ce2b6af510d5d52105.gif
IP 45.151.135.43:443
ASN #201106 Spartan Host Ltd
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectmross033.com
Fingerprint3B:6D:88:5E:56:87:87:40:30:B5:39:F1:DD:53:95:06:37:EC:89:D3
ValidityFri, 19 May 2023 10:46:20 GMT - Thu, 17 Aug 2023 10:46:19 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 382 kB (381888 bytes)
Hash c88373bd0efb6f3708b29b5fcb34b5ba
19250c35c574fae85be9c7b2e1d430300c736eba
8a538cce0fd5a1fd4eafa42e17fd0b551a1e7fa08c57df8a883b64e979bf3ed6
GET /3926e27b41bff9ce2b6af510d5d52105.gif HTTP/1.1
Host: mross033.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 381888
last-modified: Tue, 25 Apr 2023 10:43:17 GMT
etag: "6447aec5-5d3c0"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
uu3531uu.com/6b6c4101b455403ba373ae5ca973d112.gif
103.170.15.106200 OK 684 kB URL GET HTTP/1.1 uu3531uu.com/6b6c4101b455403ba373ae5ca973d112.gif
IP 103.170.15.106:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectuu3531uu.com
FingerprintD3:04:A4:AA:2E:68:57:A0:7E:24:70:B3:CE:22:27:2C:EE:FB:2B:0B
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683707 bytes)
Hash f49046a5e6117c50b0d0acf38d5771fd
ff89f0896c5bbbbe248aceccfc404f8282df55a6
656acf8e658dd3ae0a4fff74ac88c58c6d06687b1ccb379a9a211c439f095493
GET /6b6c4101b455403ba373ae5ca973d112.gif HTTP/1.1
Host: uu3531uu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64563e9d-a6ebb"
Date: Mon, 05 Jun 2023 03:28:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 May 2023 11:48:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-36
Content-Length: 683707
88885aaa.com/9afd3688393245e4ab8c8fb708e9e874.gif
103.170.15.72200 OK 739 kB URL GET HTTP/1.1 88885aaa.com/9afd3688393245e4ab8c8fb708e9e874.gif
IP 103.170.15.72:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject88885aaa.com
FingerprintDB:DF:65:BC:F2:3F:B7:58:F1:94:07:CE:8B:A7:EE:66:52:3E:D5:17
ValiditySun, 20 Nov 2022 00:00:00 GMT - Mon, 20 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 739 kB (738702 bytes)
Hash a8601033be5a80806bf825cb781b4954
b622626b2bd8550f9631f49258938c53ac30597a
87bbcc2c1cd8bae1e8f3cf8fe66f7ed5cd724ed7afcd4c841919e793871186c7
GET /9afd3688393245e4ab8c8fb708e9e874.gif HTTP/1.1
Host: 88885aaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64310ca1-b458e"
Date: Mon, 05 Jun 2023 07:59:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 08 Apr 2023 06:41:37 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 738702
kjimg10.360buyimg.com/ott/jfs/t1/96065/36/27822/335945/6380d2bdE11ab9724/63ce772bd832571a.gif
121.226.246.3200 OK 336 kB URL GET HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/96065/36/27822/335945/6380d2bdE11ab9724/63ce772bd832571a.gif
IP 121.226.246.3:443
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 336 kB (335945 bytes)
Hash a06fd13e48fb3e56ab6f4eae12348936
566f987d71d4bbe364a9f4fac9c023ea22a6db96
f5b462a221b9c085081817a50cfd0dfd07e72655b3d0c9939568d4b08ed93eb4
GET /ott/jfs/t1/96065/36/27822/335945/6380d2bdE11ab9724/63ce772bd832571a.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 335945
cache-control: max-age=15552000
expires: Sun, 03 Dec 2023 14:25:39 GMT
last-modified: Fri, 25 Nov 2022 14:35:41 GMT
age: 246405
via: http/1.1 ORI-CLOUD-HUZ-MIX-30 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-11 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1686061539799-0-0-16-100-100;200;200-1686289052219-0-0-0-0-0;200-1686307944731-0-0-0-1-1
X-Firefox-Spdy: h2
oss-cn-shenzhen.aliyun06062023.com/imgs/y96060_1.gif
172.247.170.195200 OK 157 kB URL GET HTTP/1.1 oss-cn-shenzhen.aliyun06062023.com/imgs/y96060_1.gif
IP 172.247.170.195:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectoss-cn-shenzhen.aliyun06062023.com
Fingerprint11:2C:54:C0:66:DD:45:35:45:3B:66:27:05:BA:D9:5C:BA:EA:92:D7
ValidityMon, 05 Jun 2023 07:25:46 GMT - Thu, 04 Jul 2024 07:25:45 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 157 kB (157267 bytes)
Hash 8e9c3e77855c8e70895f70d5345ba224
40dbe02858024e3f553bdb7ec94e38bfec1648e1
3e15783fcb462dd6e4fe58bfd578ab0591eb3330a9bd41364a59421a598c13a2
GET /imgs/y96060_1.gif HTTP/1.1
Host: oss-cn-shenzhen.aliyun06062023.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
ETag: "647da3ed-26653"
Server: nginx
Date: Mon, 05 Jun 2023 12:32:51 GMT
Content-Type: image/gif
Last-Modified: Mon, 05 Jun 2023 08:59:25 GMT
Expires: Wed, 05 Jul 2023 12:32:51 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Age: 339574
X-Cache: HIT from ac web server
Content-Length: 157267
aa558866aa.com/29b6e96db6a043d29beb9cd3e5757c0a.gif
103.170.15.101200 OK 459 kB URL GET HTTP/1.1 aa558866aa.com/29b6e96db6a043d29beb9cd3e5757c0a.gif
IP 103.170.15.101:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectaa558866aa.com
FingerprintB2:62:56:DF:E7:8F:B5:AE:D0:45:AB:74:41:55:80:5B:9F:93:89:4A
ValidityWed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 459 kB (458890 bytes)
Hash 0d9ad28c5daf9529a41a915bc83b15e3
8d19d6430caf76c6008672013af3021cb1c4288a
646a48b96f107a014723f4110c31191a2f456b89b2e0e9b148b4e74c6a1dd7e6
GET /29b6e96db6a043d29beb9cd3e5757c0a.gif HTTP/1.1
Host: aa558866aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "64427c7c-7008a"
Date: Wed, 07 Jun 2023 09:08:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 21 Apr 2023 12:07:24 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 458890
sezantp.oss-cn-hongkong.aliyuncs.com/bt96080a.gif
47.56.33.36200 OK 214 kB URL GET HTTP/1.1 sezantp.oss-cn-hongkong.aliyuncs.com/bt96080a.gif
IP 47.56.33.36:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subjectoss-cn-hongkong.aliyuncs.com
Fingerprint5C:54:6A:2A:0F:08:BF:7D:08:9D:A9:9B:21:2F:00:47:89:4F:59:91
ValiditySun, 23 Apr 2023 03:01:18 GMT - Fri, 24 May 2024 03:01:17 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 214 kB (213969 bytes)
Hash fbfdcc7b40b93f021c65a01a8f7a4360
6c449805780129472654fc44ffbe7bf313a2f658
1617a4d235b7b2b32acdf481353bd43b9275c31a18832f54940ff9d7629676ce
GET /bt96080a.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: image/gif
Content-Length: 213969
Connection: keep-alive
x-oss-request-id: 648304687E084E303148FABA
Accept-Ranges: bytes
ETag: "FBFDCC7B40B93F021C65A01A8F7A4360"
Last-Modified: Thu, 16 Mar 2023 07:31:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9142938679064989336
x-oss-storage-class: Standard
Content-MD5: +/3Me0C5PwIcZaAaj3pDYA==
x-oss-server-time: 1
kjimg10.360buyimg.com/ott/jfs/t20250608/101872/12/40553/887332/6482aa35Fc6eb04c3/3a8d7e158dfb0b83.gif
121.226.246.3200 OK 887 kB URL GET HTTP/2 kjimg10.360buyimg.com/ott/jfs/t20250608/101872/12/40553/887332/6482aa35Fc6eb04c3/3a8d7e158dfb0b83.gif
IP 121.226.246.3:443
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 887 kB (887332 bytes)
Hash 0660ebfed414f47907fbb5fa2caa496b
566b01d0ce27f12ce9c269990afc0ed1f61dc485
bd91842e95bd8863ea86156202de193faffffb6a368cd2f2dfbe9f4b025e066d
GET /ott/jfs/t20250608/101872/12/40553/887332/6482aa35Fc6eb04c3/3a8d7e158dfb0b83.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: image/gif
content-length: 887332
cache-control: max-age=15552000
expires: Wed, 06 Dec 2023 07:21:11 GMT
last-modified: Fri, 09 Jun 2023 04:27:33 GMT
age: 12673
via: http/1.1 ORI-CLOUD-HUZ-MIX-30 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-25 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1686295271836-0-0-1-38-38;200;200-1686298955631-0-0-0-2-2;200-1686307944740-0-0-0-0-0
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1da8dc2935032ad2176aa31b50cca8ca
0f51c1f3eef2ccd5f883b8232182a8fd4ae6f89c
ee0af8ccc7a78fa6af13a933654d0b5ea5726365f9682ca27bb00eb75912f87a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 13 Jun 2023 09:44:33 GMT
ETag: "0f51c1f3eef2ccd5f883b8232182a8fd4ae6f89c"
Last-Modified: Fri, 09 Jun 2023 09:44:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 37
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d3377e740afa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a1f4865e9936dd3b4627dbfc06db22e0
3a9f583a56186ce31e7056ca9f9f99c91525a8d3
1ed9fad6255abf2f8a1dd834a724443ce5525da4a186ea9c4abd802c5d2025be
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Jun 2023 08:43:10 GMT
ETag: "3a9f583a56186ce31e7056ca9f9f99c91525a8d3"
Last-Modified: Fri, 09 Jun 2023 08:43:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2299
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d337c81cb4f4-OSL
img11.360buyimg.com/jdsurvey/jfs/t1/151030/33/26644/233972/64773728Ff4119be6/d624fff4a5b44404.gif
163.171.134.109200 OK 234 kB URL GET HTTP/2 img11.360buyimg.com/jdsurvey/jfs/t1/151030/33/26644/233972/64773728Ff4119be6/d624fff4a5b44404.gif
IP 163.171.134.109:443
ASN #54994 QUANTILNETWORKS
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint23:53:09:4B:9F:54:15:EF:B9:E1:44:6E:54:3C:25:BB:88:15:17:4F
ValidityWed, 19 Oct 2022 09:39:14 GMT - Sun, 19 Nov 2023 06:52:17 GMT
File type GIF image data, version 89a, 640 x 200\012- data
Size 234 kB (233972 bytes)
Hash c1961d632709fe2fce2fe7feefb76bc1
a9c5aeb0c418cf5d92b1a0099565b442db2d9c4f
be1c0929d92d6542a93e94565d38d4c7b280c9f72602d56420ccb0dbc05b3388
GET /jdsurvey/jfs/t1/151030/33/26644/233972/64773728Ff4119be6/d624fff4a5b44404.gif HTTP/1.1
Host: img11.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:26 GMT
content-type: image/gif
content-length: 233972
expires: Mon, 27 Nov 2023 13:32:22 GMT
server: nginx
cache-control: max-age=15552000
last-modified: Wed, 31 May 2023 12:01:44 GMT
via: http/1.1 ORI-CLOUD-HB3-MIX-9 (jcs [cHs f ]), http/1.1 JN-UNI-2-MIX-19 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1685534888701-0-0-0-11-11;200;200-1685535675281-0-0-0-2-2;200-1685535714272-0-0-0-0-0
age: 1
x-via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:17 (Cdn Cache Server V2.0), 1.1 PSrdsdgemSTO1sw92:8 (Cdn Cache Server V2.0)
x-ws-request-id: 6483046a_PS-ARN-01C8L93_40979-43776
X-Firefox-Spdy: h2
facaiimage.com/vip/960-120.gif
20.89.236.17200 OK 985 kB URL GET HTTP/1.1 facaiimage.com/vip/960-120.gif
IP 20.89.236.17:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectfacaiimage.com
FingerprintE3:CC:74:C9:40:EA:C8:86:AA:E0:A5:08:8E:8E:2C:1D:78:DE:42:9F
ValiditySat, 20 May 2023 02:39:59 GMT - Fri, 18 Aug 2023 02:39:58 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 985 kB (984588 bytes)
Hash e30b71cd2447e8c217d4bc72fd1328c7
a01e636b18b1367a4e6a056570ab0d80e66f022c
666504acc91ff172ba7a73cfcec81a3cae044e2220495f155e41eaeefe8b9571
GET /vip/960-120.gif HTTP/1.1
Host: facaiimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 984588
Content-Type: image/gif
Date: Fri, 09 Jun 2023 06:36:09 GMT
ETag: "1686292569"
Expires: Sun, 09 Jul 2023 06:36:09 GMT
Last-Modified: Fri, 09 Jun 2023 06:36:09 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
X-Cache: HIT, policy, memory
kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
121.226.246.3200 OK 1.3 MB URL GET HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
IP 121.226.246.3:443
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.jd.com
Fingerprint5A:48:DE:DD:DD:AC:15:DB:65:A5:0E:C3:10:7A:20:72:69:B2:BF:0A
ValidityTue, 18 Oct 2022 07:17:10 GMT - Sun, 19 Nov 2023 06:52:17 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:25 GMT
content-type: image/gif
content-length: 1296026
cache-control: max-age=15552000
expires: Fri, 01 Dec 2023 12:10:54 GMT
last-modified: Sat, 26 Nov 2022 04:47:38 GMT
age: 427291
via: http/1.1 ORI-CLOUD-HUZ-MIX-24 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-11 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1685880654049-0-0-0-122-122;200;200-1686031957451-0-0-0-5-5;200-1686307945573-0-0-0-1-1
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 77965e9b0b62c77b4da801a8d75767be
6d53fa2bfa368afde8deeae7d4350a0b53f35530
df18bb5dafeaae81f13941261396964dc01016445a6ed21246bdd50a6fd0d58c
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 09 Jun 2023 10:51:50 GMT
last-modified: Thu, 08 Jun 2023 02:25:11 GMT
expires: Thu, 15 Jun 2023 02:25:10 GMT
etag: "6d53fa2bfa368afde8deeae7d4350a0b53f35530"
cache-control: max-age=595905,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7d48d25b0dd03a6a-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1686307910
via: cache4.l2de2[39,39,304-0,M], cache7.l2de2[40,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0], cache1.se1[3,0]
age: 36
x-cache: HIT TCP_MEM_HIT dirn:5:39648524
x-swift-savetime: Fri, 09 Jun 2023 10:51:50 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516863079463962368e, 2ff62c9516863079463962368e
shouptt.cn/960x60-3.gif
218.66.171.247200 OK 624 kB IP 218.66.171.247:443
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectshouptt.cn
Fingerprint19:63:93:B7:C6:DE:2E:8B:E5:8D:88:B5:D5:23:29:BE:76:43:53:1C
ValidityTue, 30 May 2023 08:26:29 GMT - Mon, 28 Aug 2023 08:26:28 GMT
File type GIF image data, version 89a, 960 x 60\012- data
Size 624 kB (624239 bytes)
Hash 0c2b3fdb8fe3d7d704f0cbc849a30108
d55ddccd9418fba968679a15b5a68fc88d5595e8
1cb854c08b3ea3a6f921f05d9c80a65377184ea5e8ac97b1389fc4bf75c2ed13
GET /960x60-3.gif HTTP/1.1
Host: shouptt.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Fri, 09 Jun 2023 10:52:25 GMT
content-type: image/gif
content-length: 624239
last-modified: Sun, 16 Apr 2023 07:11:46 GMT
x-rgw-object-type: Normal
etag: "0c2b3fdb8fe3d7d704f0cbc849a30108"
x-amz-request-id: tx000000000000000084a4a-006476d9c0-3dcc3-default
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-headers: *
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
openai-75050.gzc.vod.tencent-cloud.com/openaiassets_845336ca80754d6c0cc00307d88520d1.gif
43.156.222.49200 OK 1.1 kB URL GET HTTP/1.1 openai-75050.gzc.vod.tencent-cloud.com/openaiassets_845336ca80754d6c0cc00307d88520d1.gif
IP 43.156.222.49:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.sh.svp.tencent-cloud.com
Fingerprint1F:D8:AE:8F:68:00:53:CE:26:76:2F:13:EB:80:7E:26:E3:51:53:1A
ValidityTue, 02 Aug 2022 10:00:19 GMT - Sun, 03 Sep 2023 10:00:18 GMT
File type GIF image data, version 89a, 4 x 4\012- data
Hash 845336ca80754d6c0cc00307d88520d1
2fba01f9b116d45af426591113289a532f0cb931
6723dd61debb18f765a49a7ea34875b8144c4eabed0892bfc1d142cccf3c0a7a
GET /openaiassets_845336ca80754d6c0cc00307d88520d1.gif HTTP/1.1
Host: openai-75050.gzc.vod.tencent-cloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: NWSs
Date: Fri, 09 Jun 2023 10:52:26 GMT
Content-Type: image/gif
Content-Length: 1103
Connection: keep-alive
Ip: 0.0.0.0
x-cos-storage-class: STANDARD_IA
x-cos-hash-crc64ecma: 2811848431419591179
Content-Disposition: attachment; filename*="UTF-8''openaiassets_845336ca80754d6c0cc00307d88520d1.gif"
ETag: "2fba01f9b116d45af426591113289a532f0cb931"
x-cos-object-type: normal
Accept-Ranges: bytes
Last-Modified: Wed, 10 May 2023 11:42:58 GMT
X-NWS-LOG-UUID: 25d37c61-1f49-474b-8f28-dbf235e57294
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 0a9b5b0e0a813164ba76188a5b003006
60ad297f87615d2ad4cc23ebe9968057ff8ec984
7b8a4bbf29c2e9f67063845b1d7e5d42dc4f1f2bf39f4af27345d6ecb19d7db1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Jun 2023 23:31:17 GMT
Expires: Mon, 12 Jun 2023 23:31:16 GMT
Etag: "60ad297f87615d2ad4cc23ebe9968057ff8ec984"
Cache-Control: max-age=304129,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d337bff6b511-OSL
img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
47.246.44.251200 OK 2.7 kB URL GET HTTP/2 img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
IP 47.246.44.251:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1
ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT
File type ISO Media, AVIF Image\012- data
Hash 0c56af387054efc8e7d36693bf57fdc1
a3c43f4c457ade57a6eefefe922f3c85a505a055
c694944ef8ff768c5fa07282f8df5727a531342e625416cfe0797139f8b07359
GET /imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/avif
content-length: 2725
date: Mon, 05 Jun 2023 03:29:24 GMT
last-modified: Sat, 03 Jun 2023 09:51:18 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: HIT
request-time: 0.068
traceid: 2ff6329816859357642607574e
cache-control: max-age=31536000
ali-swift-global-savetime: 1685935764
via: cache39.l2us1[0,0,200-0,H], cache28.l2us1[0,0], cache1.se1[0,0,200-0,H], cache7.se1[2,0]
access-control-allow-origin: *
age: 372183
x-cache: HIT TCP_MEM_HIT dirn:11:114354436
x-swift-savetime: Tue, 06 Jun 2023 02:55:28 GMT
x-swift-cachetime: 31451636
s-rt: 2
timing-allow-origin: *
eagleid: 2ff62c9b16863079472972099e
X-Firefox-Spdy: h2
1cdn.8b4v.cn/xpj96080a.gif
220.200.129.225200 OK 272 kB URL GET HTTP/1.1 1cdn.8b4v.cn/xpj96080a.gif
IP 220.200.129.225:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject1cdn.8b4v.cn
Fingerprint90:2B:E9:98:30:96:6B:87:97:34:B5:C0:36:9A:12:91:81:E6:AF:12
ValidityThu, 13 Apr 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80\012- data
Size 272 kB (272151 bytes)
Hash 43a32492f5f0cac9660c7ab9d28ced1f
74dc58aad3d5ffc74d5536abda35d554edbd6aa5
b66bc61c4e4348cadf72790bf397b4bb70921196b0c9fb5935c280c354214450
GET /xpj96080a.gif HTTP/1.1
Host: 1cdn.8b4v.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Thu, 13 Apr 2023 06:41:22 GMT
Etag: "43a32492f5f0cac9660c7ab9d28ced1f"
Content-Type: image/gif
Date: Sun, 04 Jun 2023 02:39:49 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 15860531176344592078
x-cos-request-id: NjQ3YmY5NzVfNWFhZjZkMDlfMTYwYmVfNWFiMGI4Zg==
Content-Length: 272151
Accept-Ranges: bytes
X-NWS-LOG-UUID: 2389642524394274583
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600
pic1.semaobf1.com/20220525/2F34305F72BC36EE/2F34305F72BC36EE.jpg
109.122.211.21200 OK 9.6 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/2F34305F72BC36EE/2F34305F72BC36EE.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fe459037f6ab935357d7343d7f3be0c2
f12e482aebed5248490b2239dc5c94db0c4d360d
f5011f92c8f5fa67499d0dd8be17f9bd989500bbca757e9d0ef9cf5e871b0d90
GET /20220525/2F34305F72BC36EE/2F34305F72BC36EE.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 9572
Last-Modified: Wed, 07 Sep 2022 12:54:00 GMT
Connection: keep-alive
ETag: "63189468-2564"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220525/70FB27F7EA83A1D4/70FB27F7EA83A1D4.jpg
109.122.211.21200 OK 8.8 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/70FB27F7EA83A1D4/70FB27F7EA83A1D4.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 16384x12285, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 05a6604862b08e64bf28f8de25d5a74d
32089a864b39eb805977cd18f6595ad0c0cb70be
f6dad31360142aa70abc2775f9c3e176e8b77d59e2dea4ac2fec35c90ce70dcc
GET /20220525/70FB27F7EA83A1D4/70FB27F7EA83A1D4.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 8782
Last-Modified: Wed, 07 Sep 2022 13:22:49 GMT
Connection: keep-alive
ETag: "63189b29-224e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220525/2F5AC7756EE242C2/2F5AC7756EE242C2.jpg
109.122.211.21200 OK 8.6 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/2F5AC7756EE242C2/2F5AC7756EE242C2.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6dba1502db5871eecc4b278973a009a9
1315ce96dae244433bf5673e9dd078a46491ae16
f1a1cef03bdfa651bb699dafbf3fb40b1d64c7515eb869fd3aefd7317f58b685
GET /20220525/2F5AC7756EE242C2/2F5AC7756EE242C2.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 8589
Last-Modified: Wed, 07 Sep 2022 12:52:25 GMT
Connection: keep-alive
ETag: "63189409-218d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
lbfm.lbpictupian.com/upload/vod/2023/06/q5gsv5a0m2l.jpg
172.67.28.138200 OK 8.4 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/06/q5gsv5a0m2l.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da7e372bbd2f16b2ef98f45dd0f08ffc
8d404cbfacb77a2a388443807a096a08a03ee68c
0d844202bbc85f5d5c2413c465e966e50a62957b24db36ed3a2e60851bcd63a6
GET /upload/vod/2023/06/q5gsv5a0m2l.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/webp
content-length: 8368
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9174
content-disposition: inline; filename="q5gsv5a0m2l.webp"
etag: "6482f988-23d6"
last-modified: Fri, 09 Jun 2023 10:06:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d34188fc0b61-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/06/heqkmnmke5l.jpg
172.67.28.138200 OK 11 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/06/heqkmnmke5l.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash e86961383c2dc2815845b3e24b492176
1d259ec29cf96452678c81e9f0be3e3bcdb8eb51
55deb79ad1d1c08466cdc3feadfa5e4154e8e6d425c5f7fde8f851f2ab881a96
GET /upload/vod/2023/06/heqkmnmke5l.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/jpeg
content-length: 10720
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11314, status=webp_bigger
etag: "6482f98c-2c32"
last-modified: Fri, 09 Jun 2023 10:06:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d34188fb0b61-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/06/j4k5o52ycls.jpg
172.67.28.138200 OK 9.9 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/06/j4k5o52ycls.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c174a2f4567da14f0673149bffa8a132
857cf2a35213a4b8161a4718720a0b4b151e3dbc
eb3040d05a88906fbf478cb4cbbab40d4ede705b7c1512a13cf8517be99e4df6
GET /upload/vod/2023/06/j4k5o52ycls.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/webp
content-length: 9894
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10610
content-disposition: inline; filename="j4k5o52ycls.webp"
etag: "6482f996-2972"
last-modified: Fri, 09 Jun 2023 10:06:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 37
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d34188fe0b61-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/06/x1ztr5tadhe.jpg
172.67.28.138200 OK 12 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/06/x1ztr5tadhe.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 2fa17b7c6794240dbbf1d2617cccb927
56252f30f0a3064c5b80c063bd674d280ada5c4e
d9049dbc16e559a0eadcdaa6bb6bf6f42b04b08db597928892bc0023d3051e47
GET /upload/vod/2023/06/x1ztr5tadhe.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/jpeg
content-length: 12197
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12749, status=webp_bigger
etag: "6482f99a-31cd"
last-modified: Fri, 09 Jun 2023 10:06:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d34199020b61-OSL
X-Firefox-Spdy: h2
sycdn.pic-726-baidu.com/images/2023/06/01/oumei162.jpg
172.67.25.105200 OK 24 kB URL GET HTTP/2 sycdn.pic-726-baidu.com/images/2023/06/01/oumei162.jpg
IP 172.67.25.105:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint42:43:94:40:DA:A7:6A:08:47:F1:8F:EF:01:A2:7E:C1:C7:7C:E1:0E
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25daea8e497cd2b5f5bc251835c5da60
14ee1f996d25586aedb464155fe440ae36f3c600
9471ea3fdb4d145e5c74adc7cef8facce530b61a36d3b6d2b474f1cc66251ec3
GET /images/2023/06/01/oumei162.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/webp
content-length: 23980
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=219095
content-disposition: inline; filename="oumei162.webp"
etag: "64724f1a-357d7"
expires: Sun, 02 Jul 2023 22:30:11 GMT
last-modified: Sat, 27 May 2023 18:42:34 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 562936
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d341ae30b523-OSL
X-Firefox-Spdy: h2
sycdn.pic-726-baidu.com/images/2023/04/22/siwa393.jpg
172.67.25.105200 OK 119 kB URL GET HTTP/2 sycdn.pic-726-baidu.com/images/2023/04/22/siwa393.jpg
IP 172.67.25.105:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint42:43:94:40:DA:A7:6A:08:47:F1:8F:EF:01:A2:7E:C1:C7:7C:E1:0E
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x539, components 3\012- data
Size 119 kB (118908 bytes)
Hash 6aa343ae5f6f5e915f659c8f699c4280
425a76eaa3ca397f83f5084814d6bb1a939ea587
600a82a52beed0f57e2acef21139a596f3ac2ecc87ca5aa8b5a29286f49ca06a
GET /images/2023/04/22/siwa393.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/jpeg
content-length: 118908
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=173147, status=webp_bigger
etag: "6442c5ef-2a45b"
expires: Mon, 03 Jul 2023 17:02:13 GMT
last-modified: Fri, 21 Apr 2023 17:20:47 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 496214
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d341be32b523-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/06/xsligfjqjr1.jpg
172.67.28.138200 OK 12 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/06/xsligfjqjr1.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f03e8bdc5e1e2d743d7137791c40a82
ac48aa187a86b63c870bf5546721ec509d2d562f
a330fe7601404910a7eab3068a755a2179f56a0818fd7052079693592d0f3384
GET /upload/vod/2023/06/xsligfjqjr1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/webp
content-length: 12430
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13054
content-disposition: inline; filename="xsligfjqjr1.webp"
etag: "6482f990-32fe"
last-modified: Fri, 09 Jun 2023 10:06:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d341a9220b61-OSL
X-Firefox-Spdy: h2
pic1.semaobf1.com/20220525/3C3F4CF2DCCB7CAD/3C3F4CF2DCCB7CAD.jpg
109.122.211.21200 OK 10 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/3C3F4CF2DCCB7CAD/3C3F4CF2DCCB7CAD.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash f942a0dfe323dd57246ff35b2d15e4d9
8b582f74ab75efaf5941767fd1507cbfbcce9b67
6e4e695689781243d946281e988f733f8396046f0f980771ad8545616f6f6022
GET /20220525/3C3F4CF2DCCB7CAD/3C3F4CF2DCCB7CAD.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 10324
Last-Modified: Wed, 07 Sep 2022 12:52:28 GMT
Connection: keep-alive
ETag: "6318940c-2854"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220525/E6FA5AA98EAB8782/E6FA5AA98EAB8782.jpg
109.122.211.21200 OK 7.5 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/E6FA5AA98EAB8782/E6FA5AA98EAB8782.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 65fd6ae598e93da7e5db1ab87d7577d7
00d8379d06ac43dd3a5ea4022a7fe3a71caad5a9
1c4bf093838db7009da72b780d10c8ea676e2445c44bf37bd066d3185627b0be
GET /20220525/E6FA5AA98EAB8782/E6FA5AA98EAB8782.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 7479
Last-Modified: Wed, 07 Sep 2022 12:52:41 GMT
Connection: keep-alive
ETag: "63189419-1d37"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
s2.loli.net/2023/05/31/TasOeNKw3Pd4kpq.jpg
104.26.1.190200 OK 36 kB URL GET HTTP/2 s2.loli.net/2023/05/31/TasOeNKw3Pd4kpq.jpg
IP 104.26.1.190:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 602x401, components 3\012- data
Hash a06f7570d766e103bd6b7a2e8f7e282d
7743d4a99e2a9d31087cf0ac7ea6e24b8ea02d48
fc760678ae416445a237f11ea518c27e7836f7a4c0870ae8776b3ad3004b706a
GET /2023/05/31/TasOeNKw3Pd4kpq.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/jpeg
content-length: 36326
last-modified: Wed, 31 May 2023 11:03:25 GMT
etag: "6477297d-8de6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7%2FKbh2CWIaECUDK24OnKYgUnDqgAKE5jWkJi8Lnc4U8cJvCTXeiXkrPetqyenw995H0xyxRb27XZlq%2F91uy9GrdHLEJSX1dFSo7UNDpz%2BPYNC0pk2AjFjwbRk%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3417d08067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/04/xe5rljmx5au.jpg
172.67.28.138200 OK 13 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/04/xe5rljmx5au.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3376c2d3545a9be35200c22bc78ec6ca
a05940aba2585bed8cc83bcb01e01e6540bf82d3
ec213508316073ce34a6473b564f4bc2de22629c71daf71ba4c5e31ee7e742bd
GET /upload/vod/2023/04/xe5rljmx5au.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/jpeg
content-length: 12575
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13151, status=webp_bigger
etag: "643a7843-335f"
last-modified: Sat, 15 Apr 2023 10:11:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d341a9230b61-OSL
X-Firefox-Spdy: h2
s2.loli.net/2023/05/31/bdfwy2PVloiNWqC.jpg
104.26.1.190200 OK 17 kB URL GET HTTP/2 s2.loli.net/2023/05/31/bdfwy2PVloiNWqC.jpg
IP 104.26.1.190:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectloli.net
FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 336x221, components 3\012- data
Hash bf724c2b3ed499f956945bf840f46c4a
544261f064a723adf025102eda79367d71bca08e
0e4ab9ea4554a1e83571f4851b38904ac8caaa93b8d1cddb10f7c79346d60ce8
GET /2023/05/31/bdfwy2PVloiNWqC.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/jpeg
content-length: 16836
last-modified: Wed, 31 May 2023 11:30:20 GMT
etag: "64772fcc-41c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmZuZ8XVrK4V%2BpWD6csn777eW1NqVuz3nlAZAS3AWOqpTkEZkaIpAUiNyr32UEs%2BZLE1sPUqncXzn27IpfmW1oKvHNk7BmUANKa1B8pPKKSxOYd8Hm9IQUs4%2FKi7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3413ce8067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.tupku.top/lm/031815-80.gif
188.114.96.1200 OK 1.6 MB URL GET HTTP/2 www.tupku.top/lm/031815-80.gif
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecttupku.top
Fingerprint9A:D2:5D:31:DB:B7:0C:0E:D7:12:BB:E8:E1:3B:B8:7A:DE:0E:71:15
ValiditySun, 16 Apr 2023 14:18:55 GMT - Sat, 15 Jul 2023 14:18:54 GMT
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Sun, 02 Jul 2023 03:04:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 632888
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpKfLlz%2B4b%2BFKoiG0m8sNdh%2BUigxJ9189v2O47HAsDf7EH%2BOC6jmOhB3UTLcIA3yx1eL18RGTXh7fS2UV8MAr8OQeMl%2BoOYRrh9IPaZVfj4qPYFUtdVsrdFUTQ6edBWn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d3412f06b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hntv2298.top/template/1/static/css/mm-content.css
188.114.96.1200 OK 15 kB URL GET HTTP/3 www.hntv2298.top/template/1/static/css/mm-content.css
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type ASCII text, with CRLF line terminators
Hash 1e59dae3376b8dea66cb87888909ca4d
da6e9eb3d8d1009a6de506197f45521c360fce5d
5352797b5f76263408d18668f4d1e9eba0128c554ac5204c2ade8ba22ac8c26e
GET /template/1/static/css/mm-content.css HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: text/css
last-modified: Sun, 24 Jul 2022 09:28:42 GMT
vary: Accept-Encoding
etag: W/"62dd10ca-1ccd"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxjJK2ZR1hZhCMTb8PDBirUC2SG6sVKx6let57A1p77PCSsPLycwn0wzQoSdJNFYG8NC%2B%2FBQzpmV0NDm%2BLW4snw4UMp%2BzxCO6uWSBfd8iFEaOKuyRBzGxroAMNX0edD2hTNE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3298f8eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pic1.semaobf1.com/20220525/11E2D8EC9EFBB6AE/11E2D8EC9EFBB6AE.jpg
109.122.211.21200 OK 6.5 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/11E2D8EC9EFBB6AE/11E2D8EC9EFBB6AE.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2f19845d77199668b3003a90278461a4
48df90f8e2954e1b77415a0252748c9a178496f4
c870ddcbba68bb3d6d301604335e3cec533a01940dd2e4c8fa72a2815f0132c9
GET /20220525/11E2D8EC9EFBB6AE/11E2D8EC9EFBB6AE.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 6463
Last-Modified: Wed, 07 Sep 2022 12:57:52 GMT
Connection: keep-alive
ETag: "63189550-193f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
lbfm.lbpictupian.com/upload/vod/2023/05/zubdqo4ahf4.jpg
172.67.28.138200 OK 7.5 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/05/zubdqo4ahf4.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 89986778ad06f0aeae31d67c241f4c4d
be7720d8aea86a1b79804e0c0158914f411cd2fd
6976c643066953bcda92081baa15cf4b5a07d287e90181fddae5445b3f8b01cf
GET /upload/vod/2023/05/zubdqo4ahf4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/webp
content-length: 7490
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8429
content-disposition: inline; filename="zubdqo4ahf4.webp"
etag: "64635dbb-20ed"
last-modified: Tue, 16 May 2023 10:40:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d34188fd0b61-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/04/vh3qym1ou1j.jpg
172.67.28.138200 OK 9.0 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/04/vh3qym1ou1j.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6dbe24dede3813126c21cc23263bdd17
585c34648936cf7a063398c597800d7698a020e4
374a5630c82b678aa48c7466f49cb6fbdf175227fc84c000df9f4d89535ca303
GET /upload/vod/2023/04/vh3qym1ou1j.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/webp
content-length: 8980
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9472
content-disposition: inline; filename="vh3qym1ou1j.webp"
etag: "644a58cf-2500"
last-modified: Thu, 27 Apr 2023 11:13:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d341a9150b61-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/05/2m3ijgt0dic.jpg
172.67.28.138200 OK 11 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/05/2m3ijgt0dic.jpg
IP 172.67.28.138:443
Requested by https://www.hntv2298.top/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint73:1B:25:EC:DF:B3:82:66:80:70:9A:1E:BE:37:62:E7:29:F1:4D:00
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ea4974c30221ce44f3267bf06fc8ae6
41317fa48c42d25c5d0c61dee860367325ce6579
696bd0a1649ed5157d67f87d2d49d37ee1a53ac172f5e571050df8b4550d0406
GET /upload/vod/2023/05/2m3ijgt0dic.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/webp
content-length: 11436
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12192
content-disposition: inline; filename="2m3ijgt0dic.webp"
etag: "646c9541-2fa0"
last-modified: Tue, 23 May 2023 10:28:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7d48d341990e0b61-OSL
X-Firefox-Spdy: h2
pic1.semaobf1.com/20220510/CC691DDC4B7B150F/CC691DDC4B7B150F.jpg
109.122.211.21200 OK 78 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220510/CC691DDC4B7B150F/CC691DDC4B7B150F.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash 9e7017613577a0c9b874868ae0bbf4d6
aa216f2611a4385ffea07e88a3788e6ea0296128
ed733fa9a033abe8f95c36692f2866c3570b4c9f7850ebcc04b6d639e3f2c6b3
GET /20220510/CC691DDC4B7B150F/CC691DDC4B7B150F.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 78357
Last-Modified: Wed, 07 Sep 2022 12:55:55 GMT
Connection: keep-alive
ETag: "631894db-13215"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220525/D4C6166FF5188309/D4C6166FF5188309.jpg
109.122.211.21200 OK 12 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220525/D4C6166FF5188309/D4C6166FF5188309.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1dd18e4c5db96b5873dfd281491ddbfe
62e3a6d1047bcdd823f40b18ed17b3467f363585
f94be4ae7c50dd6d9aebb5902e3b0494895a56acbc648c3511a4d5b1b5de915f
GET /20220525/D4C6166FF5188309/D4C6166FF5188309.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 11794
Last-Modified: Wed, 07 Sep 2022 12:54:33 GMT
Connection: keep-alive
ETag: "63189489-2e12"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 242a4e575462d3265ef38f7c2c31f880
114e35813e0cb1fb8801c162b1410f67727788b3
ee9f8cab185463bcb58a68307b3a1ce0460b525d07433bb40901c9f46a1404f3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Jun 2023 08:13:25 GMT
ETag: "114e35813e0cb1fb8801c162b1410f67727788b3"
Last-Modified: Fri, 09 Jun 2023 08:13:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1458
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d344bb3eb4f4-OSL
dvcasha2.ocsp-certum.com/
23.36.79.10 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 2a116a4c5b71a7f215c3254315efafd0
210c41ded22dac7dad7c86c177ea1167b90e8482
8c29eaa36a3814aea198de76245e6824e5927f5a298dad2f8737c8723c983cbe
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=876
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948302_388255494_240924707_859_323_2_0_-";dur=1
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 2a116a4c5b71a7f215c3254315efafd0
210c41ded22dac7dad7c86c177ea1167b90e8482
8c29eaa36a3814aea198de76245e6824e5927f5a298dad2f8737c8723c983cbe
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=826
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948311_388255501_75291895_12_625_2_0_-";dur=1
dvcasha2.ocsp-certum.com/
23.36.79.10 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 2a116a4c5b71a7f215c3254315efafd0
210c41ded22dac7dad7c86c177ea1167b90e8482
8c29eaa36a3814aea198de76245e6824e5927f5a298dad2f8737c8723c983cbe
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=876
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948321_388255494_240936696_8_461_1_0_-";dur=1
pic1.semaobf1.com/20220510/898018F3FD435468/898018F3FD435468.jpg
109.122.211.21200 OK 33 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220510/898018F3FD435468/898018F3FD435468.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash 86b8a770e79a3ac16b55fd17986f3654
a84c2be0cea9f49111c59496144c232ec031418b
c74f5c42a7eb4012d45dc2b6d45f21504511fd16375f7edaef91948430305a2c
GET /20220510/898018F3FD435468/898018F3FD435468.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 32681
Last-Modified: Wed, 07 Sep 2022 13:13:34 GMT
Connection: keep-alive
ETag: "631898fe-7fa9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220525/FF1E6B90D438CF11/FF1E6B90D438CF11.jpg
109.122.211.42200 OK 10 kB URL GET HTTP/2 pic1.semaobf1.com/20220525/FF1E6B90D438CF11/FF1E6B90D438CF11.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 27ac6e6d3b3b5196ed7f000ca4706041
7112c17a95d3a97dfff8d6891436993a698dd639
455918af18180a8ba6d508327d89102b551a88cc00a64bb9e20b5b58b46a1acb
GET /20220525/FF1E6B90D438CF11/FF1E6B90D438CF11.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 10521
last-modified: Tue, 24 May 2022 19:20:30 GMT
etag: "628d2ffe-2919"
expires: Tue, 20 Jun 2023 10:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hntv2298.top/template/1/static/css/style.css
188.114.96.1200 OK 95 kB URL GET HTTP/3 www.hntv2298.top/template/1/static/css/style.css
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type assembler source, Unicode text, UTF-8 text, with very long lines (350), with CRLF line terminators
Hash 0e420343241be96d21c698be4cf1a7d5
400a7ee5dabdb8d588a905d7694a7e6685150376
185f42ca21ab4c5761237bc476d390d0208ed2d54c36f30c7feb6ad450e9510b
GET /template/1/static/css/style.css HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: text/css
last-modified: Wed, 19 Apr 2023 04:03:38 GMT
vary: Accept-Encoding
etag: W/"643f681a-10afe"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rts4p2QSq8G%2BfIlK5pOtsXO7I8I4674O2jo1RxUdHRMpT0neciPP2Jxtn4vPLAMaZWnsTIopvrinpWCQgk49OIQ37328NjAnaTUuIqN%2Fq%2BBtO5yTIZuyVomW5EOjs8OJafYn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3297f85b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dvcasha2.ocsp-certum.com/
23.36.79.17 1.6 kB URL dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 2a116a4c5b71a7f215c3254315efafd0
210c41ded22dac7dad7c86c177ea1167b90e8482
8c29eaa36a3814aea198de76245e6824e5927f5a298dad2f8737c8723c983cbe
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=826
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948481_388255501_75302978_11_619_1_0_-";dur=1
pic1.semaobf1.com/20220525/50B2C1F4F4C88632/50B2C1F4F4C88632.jpg
109.122.211.42200 OK 10 kB URL GET HTTP/2 pic1.semaobf1.com/20220525/50B2C1F4F4C88632/50B2C1F4F4C88632.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1e6fc42c467e1db4771ddb1ff1bd270d
caf162926ad9da9ed5ab07424f3d74e15c809bdb
05316b71454c1937a0a4071e9a00c183b39f8991020706a9f3d77cc2a878030d
GET /20220525/50B2C1F4F4C88632/50B2C1F4F4C88632.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 9997
last-modified: Tue, 24 May 2022 19:26:49 GMT
etag: "628d3179-270d"
expires: Tue, 20 Jun 2023 10:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash dfed4bd35ff14cf82f0f5ba8da463eb8
771463040c6b4930eac7bcb28451d555a7b6e4c9
6a54cc5b38ed350ad735c741a100dfa298492027ca8a18956c33486e8817dd7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 17:13:12 GMT
Expires: Wed, 14 Jun 2023 17:13:11 GMT
Etag: "771463040c6b4930eac7bcb28451d555a7b6e4c9"
Cache-Control: max-age=454242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d344c8f0b511-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 9e10541cf779d784732725309a6780b0
ab09fcd20420e1b4d2865e601f2ec438f9b5b375
5429a10bd8d09b3c0187caf75c4f2f550555e0573c056f3fee4ad878aef665d0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 13 Jun 2023 07:42:08 GMT
ETag: "ab09fcd20420e1b4d2865e601f2ec438f9b5b375"
Last-Modified: Fri, 09 Jun 2023 07:42:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1098
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d48d3463d49b4f4-OSL
pic1.semaobf1.com/20220525/8829542F82AE98D3/8829542F82AE98D3.jpg
109.122.211.42200 OK 12 kB URL GET HTTP/2 pic1.semaobf1.com/20220525/8829542F82AE98D3/8829542F82AE98D3.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b7f60091011081ada42be18f0ec9daf9
05fb3d94ef710179a8025f99fea4bd387b009764
425388e2eee4e51e42690954b9ba425b75b3e67c7f1455bcdb29c8de9320ac50
GET /20220525/8829542F82AE98D3/8829542F82AE98D3.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 12030
last-modified: Tue, 24 May 2022 21:47:39 GMT
etag: "628d527b-2efe"
expires: Tue, 20 Jun 2023 10:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 7520a307d0ac37a954f2157c4b51e683
892ee7808f6184362f0b64c69d74410d4be59e55
598c41ddbc78e99a8384f41c868e64d7333e018fc3fcd07bd2944378c686466c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 05:47:25 GMT
Expires: Thu, 15 Jun 2023 05:47:24 GMT
Etag: "892ee7808f6184362f0b64c69d74410d4be59e55"
Cache-Control: max-age=499749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d3464a11b50b-OSL
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 7520a307d0ac37a954f2157c4b51e683
892ee7808f6184362f0b64c69d74410d4be59e55
598c41ddbc78e99a8384f41c868e64d7333e018fc3fcd07bd2944378c686466c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 05:47:25 GMT
Expires: Thu, 15 Jun 2023 05:47:24 GMT
Etag: "892ee7808f6184362f0b64c69d74410d4be59e55"
Cache-Control: max-age=499749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d3467d740b61-OSL
lxbd2.com/f1067f057f9f3415205bc5de44bd7d5b.gif
172.83.155.45200 OK 57 kB URL GET HTTP/2 lxbd2.com/f1067f057f9f3415205bc5de44bd7d5b.gif
IP 172.83.155.45:443
ASN #201106 Spartan Host Ltd
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectlxbd2.com
FingerprintBD:68:BB:10:EC:8E:2A:1F:A1:F9:FA:FF:FA:77:AD:C7:B1:FE:FE:D2
ValiditySat, 27 May 2023 09:34:51 GMT - Fri, 25 Aug 2023 09:34:50 GMT
File type GIF image data, version 89a, 150 x 150\012- data
Hash 6a0178169521a422f15a823baccdf4ea
e6afa7d5f446474cf5a6a84b397e68b4429a8bf5
aca290990353c483218ff9c73e3bf6015bb3df13186d9444a28e81de26cfd976
GET /f1067f057f9f3415205bc5de44bd7d5b.gif HTTP/1.1
Host: lxbd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/gif
content-length: 57111
last-modified: Fri, 31 Mar 2023 06:50:28 GMT
etag: "642682b4-df17"
expires: Fri, 09 Jun 2023 22:52:28 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 148254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o81pSmUIO%2Fx93asJ47W8HPT0n%2Bkcbr%2BWT7oqnkCTbgIOapAp1HrxcxDjuf0EQWBPrMVnA0OvUKZ2wTPvXCrEqQT0E6ag8X0iggqmAs4B5oPmc%2FjvhwbcbsXwyML9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7d17158c0a4cc37b-SEA
alt-svc: h3=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/Jr6RUiO0/1.jpg
166.0.195.51200 OK 8.8 kB URL GET HTTP/2 img.aosikaimge.com/20230609/Jr6RUiO0/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 25507d7daa424090883f36317d724033
94de5e2fad1cdc141c39010440edff4173998934
2cab1ad8632c54b54f6b4a439addcb1292c2e596820510f0011cbb935c8e5d08
GET /20230609/Jr6RUiO0/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 8812
last-modified: Fri, 09 Jun 2023 09:15:29 GMT
etag: "6482edb1-226c"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash c1f33b36646ae145ed6062aba89ff830
8231e92567290146220cd4849095a1771aab4c12
9bdee348d1157efd7fbeada5bce402b72e23fece78c69eab760192616a265db1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Jun 2023 17:18:18 GMT
Expires: Wed, 14 Jun 2023 17:18:17 GMT
Etag: "8231e92567290146220cd4849095a1771aab4c12"
Cache-Control: max-age=454900,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d3470b11b50b-OSL
ocsp.buypass.com/
23.36.76.129 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash eca40038de380ffda0a43f5870a3332a
5dab197902488eb8470e5f97c60350b733bea0eb
d3ed7c165c8e50d7843f67c4de2231bcb9bb6c0ac44a12d102a85c751916e733
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 13a396dd-bbc7-48cc-a37d-3ff6de0b086f
Content-Length: 1701
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948640_388254845_13178265_5110_650_0_0_-";dur=1
ocsp.buypass.com/
23.36.76.129 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash f7de42384b42c893b23b4bb7d59a06af
496f0a54503f15456706c7d6cfeecb50c10d70c5
905bc9917410cb2c83ff83cf24c525c9ebcd07a7a524b93884c9745c8bc4970b
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 96ae0487-7ccd-4df1-a397-65c05746dd73
Content-Length: 1701
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948692_388254845_13178657_5104_622_0_0_-";dur=1
ocsp.buypass.com/
23.36.76.129 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 8ae22d8c6c466f9d0d7c50bd50944b8e
7d42ba1fe50fa3644838fc2d8dd96dd228485ef1
19a50e5671b70ae6c78b55a200390776a6badd128ffe2d03399aaa5150748f94
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 14866d60-139d-42f4-9731-5eac94455488
Content-Length: 1701
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948694_388254845_13178658_5106_377_0_0_-";dur=1
img.lytuchuang11.com/upload/vod/20230508-1/8deb67c1c0980980273ef6ced03f4e80.jpg
154.12.54.84200 OK 13 kB URL GET HTTP/1.1 img.lytuchuang11.com/upload/vod/20230508-1/8deb67c1c0980980273ef6ced03f4e80.jpg
IP 154.12.54.84:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectimg.lytuchuang11.com
FingerprintE3:3D:9D:A3:73:BC:09:47:F6:A1:B7:48:78:1F:5F:7A:8D:FB:93:0F
ValiditySat, 29 Apr 2023 13:39:30 GMT - Fri, 28 Jul 2023 13:39:29 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5d8d85d2a833b995dc4aba02bbc9e5fb
81ea8ba3b3ba838d8e70fa6b86bc5166afb698a5
b622a45ac8cef16ebc612bab2bc2e13f545c2e04a26aed4418d65a5212ea8c72
GET /upload/vod/20230508-1/8deb67c1c0980980273ef6ced03f4e80.jpg HTTP/1.1
Host: img.lytuchuang11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 13153
Last-Modified: Sun, 07 May 2023 16:09:21 GMT
Connection: keep-alive
ETag: "6457cd31-3361"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.buypass.com/
23.36.76.129 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 8ae22d8c6c466f9d0d7c50bd50944b8e
7d42ba1fe50fa3644838fc2d8dd96dd228485ef1
19a50e5671b70ae6c78b55a200390776a6badd128ffe2d03399aaa5150748f94
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 3ec09513-d37d-40c9-9d5d-130af4a42656
Content-Length: 1701
Date: Fri, 09 Jun 2023 10:52:28 GMT
Connection: keep-alive
Server-Timing: ak_p; desc="1686307948707_388254845_13178660_5096_449_12_0_-";dur=1
img.aosikaimge.com/20230609/NWpHsYjR/1.jpg
166.0.195.51200 OK 8.1 kB URL GET HTTP/2 img.aosikaimge.com/20230609/NWpHsYjR/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e0b7b417d23330992462b19d1b27db9a
79a724f46f5d2df177b971f35e9a048839f59e76
92f237fe0b822a44be7bdcf72dedd4adac571d60a9302bd523bab2ad6cc047e0
GET /20230609/NWpHsYjR/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 8110
last-modified: Fri, 09 Jun 2023 09:12:34 GMT
etag: "6482ed02-1fae"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pic1.semaobf1.com/20220510/E50D45EAF8A824FB/E50D45EAF8A824FB.jpg
109.122.211.42200 OK 93 kB URL GET HTTP/2 pic1.semaobf1.com/20220510/E50D45EAF8A824FB/E50D45EAF8A824FB.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash dfd60017d6c476ada9266513e2954919
b587fc2d491c0c33ab7c9e5de6abcdc6eb6c8bb0
b609e41b5efdacca18259418b4a4b7a2161f532d167127478876b3cde5549107
GET /20220510/E50D45EAF8A824FB/E50D45EAF8A824FB.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 92915
last-modified: Fri, 11 Mar 2022 09:38:55 GMT
etag: "622b18af-16af3"
expires: Tue, 20 Jun 2023 10:43:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
d.drtyujgsg.xyz/ty/4DB5F0C5-7B4F-16052-34-B86322ABBC92.alpha
23.225.154.19 17 kB URL GET d.drtyujgsg.xyz/ty/4DB5F0C5-7B4F-16052-34-B86322ABBC92.alpha
IP 23.225.154.19:0
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectd.dfghaqea.xyz
Fingerprint31:DE:CA:34:51:01:DA:AE:67:65:CC:27:86:69:F3:D4:33:6D:21:6B
ValidityWed, 04 Jan 2023 00:00:00 GMT - Thu, 04 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (5906)
Hash 70ab628d9154185e064100c75a3af9f6
73ebb57912929308df0fd56e8fb372a61e8c6ecf
026f2340b79c809eeefd66205d029f95af6619b6cbf11da850696fe2c5c13b1a
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/4DB5F0C5-7B4F-16052-34-B86322ABBC92.alpha HTTP/1.1
Host: d.drtyujgsg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:25 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Fri, 09 Jun 2023 10:52:25 GMT
expires: Fri, 09 Jun 2023 11:07:25 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.lytuchuang12.com/upload/vod/20230522-1/e7f5df3632add1696e2d5681a7e2c15e.jpg
154.12.54.73200 OK 7.9 kB URL GET HTTP/1.1 img.lytuchuang12.com/upload/vod/20230522-1/e7f5df3632add1696e2d5681a7e2c15e.jpg
IP 154.12.54.73:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerBuypass AS-983163327
Subjectimg.lytuchuang12.com
Fingerprint48:50:C2:1A:DE:FD:A3:78:4E:17:DA:75:46:82:3D:72:B7:3A:9B:5C
ValiditySat, 29 Apr 2023 14:39:20 GMT - Wed, 25 Oct 2023 21:59:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 5713x4285, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0c01b97e975d4058016260050f1ecaf4
a39c988ff3ba7a773f668c2870467223fb961c08
27ac3ffe2a034b4a948bc4b448aa0ca2d1df5bcf9759ab79b3853dfa76e3bba5
GET /upload/vod/20230522-1/e7f5df3632add1696e2d5681a7e2c15e.jpg HTTP/1.1
Host: img.lytuchuang12.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 7906
Last-Modified: Mon, 22 May 2023 06:00:15 GMT
Connection: keep-alive
ETag: "646b04ef-1ee2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220510/39BA4F0719378AB3/39BA4F0719378AB3.jpg
109.122.211.42200 OK 56 kB URL GET HTTP/2 pic1.semaobf1.com/20220510/39BA4F0719378AB3/39BA4F0719378AB3.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash b8175c5efddde9287e7ee87e69fde4c4
8477a2d3af0ac3286c8d9f46d5aaa22fb1a04619
f44a386600ffa5f53b730b66a598476e209641a242188e4aa9e3b71f4db29d61
GET /20220510/39BA4F0719378AB3/39BA4F0719378AB3.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 56327
last-modified: Fri, 11 Mar 2022 09:46:20 GMT
etag: "622b1a6c-dc07"
expires: Tue, 20 Jun 2023 10:43:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pic1.semaobf1.com/20220510/921BE0605F52B027/921BE0605F52B027.jpg
109.122.211.42200 OK 83 kB URL GET HTTP/2 pic1.semaobf1.com/20220510/921BE0605F52B027/921BE0605F52B027.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash a7e5e9a698a8ab4fa9709b324c92a532
2e5c02a87e03dfe58bd1357eae9b9280670967e7
430517ea7963e9147580d4e6f3002ba77d97311e13eb22f00d14554c7e7c48f3
GET /20220510/921BE0605F52B027/921BE0605F52B027.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 83250
last-modified: Fri, 11 Mar 2022 09:34:59 GMT
etag: "622b17c3-14532"
expires: Tue, 20 Jun 2023 10:43:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pic1.semaobf1.com/20220510/B5C34EAF4F39C248/B5C34EAF4F39C248.jpg
109.122.211.42200 OK 78 kB URL GET HTTP/2 pic1.semaobf1.com/20220510/B5C34EAF4F39C248/B5C34EAF4F39C248.jpg
IP 109.122.211.42:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash 046ad49ec4165a5f29727369f4b667f3
0ab508b3c2e77766f4c471df4cfc6c3797b9a797
b190fe1d6dccca16cf7fe257e0964eec89f2c8c77eaa8ef5357dfad4925f6fac
GET /20220510/B5C34EAF4F39C248/B5C34EAF4F39C248.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 77500
last-modified: Fri, 11 Mar 2022 09:32:56 GMT
etag: "622b1748-12ebc"
expires: Tue, 20 Jun 2023 10:43:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.siwazywimg2.com:5278/cvjpg/8I9jBdeK.jpg
108.165.238.192200 OK 44 kB URL GET HTTP/2 img.siwazywimg2.com:5278/cvjpg/8I9jBdeK.jpg
IP 108.165.238.192:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectimg.siwazywimg2.com
Fingerprint5F:FF:C0:83:CA:7E:76:01:01:58:CA:A0:FA:C9:99:7C:FB:AB:35:33
ValidityFri, 19 May 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 890x510, components 3\012- data
Hash 20d72f9d1c0b2cb01809e8a3c133db4e
1ba34c8df3cf3dcc7ac2032ca962de613013edb2
7f29dced619078511903eb7e7d5a29728d2b244ffa7fff494a0c83cd1a1d6501
GET /cvjpg/8I9jBdeK.jpg HTTP/1.1
Host: img.siwazywimg2.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 43637
last-modified: Tue, 16 May 2023 06:41:36 GMT
etag: "646325a0-aa75"
x-cache-server: s194, s74
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.siwapay.com:5278/cvjpg/8U6ydw9k.jpg
108.165.238.222200 OK 58 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/8U6ydw9k.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Hash 9f082634d76c20d70e36957b15d5e11c
9b4acbf67f5c5cd3dfcf6196722d2585af7bb214
4f1c661b0480730e04f785b890879740fed4ea82f8bd8042a98e1a7c7c7a038c
GET /cvjpg/8U6ydw9k.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 58399
last-modified: Sat, 08 Apr 2023 08:40:01 GMT
etag: "64312861-e41f"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.siwapay.com:5278/cvjpg/7j4AaWXv.jpg
108.165.238.222200 OK 22 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/7j4AaWXv.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 452x681, components 3\012- data
Hash d9693ebad43b719107778f9bffdbfca7
1197c4c83740f99a551e3b630852a2ddfae28752
4d3b0afdab12ab2482ce802eac4e982c89e3d410267c221de5d95ec4597eec04
GET /cvjpg/7j4AaWXv.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 21495
last-modified: Fri, 24 Mar 2023 10:19:45 GMT
etag: "641d7941-53f7"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/zHJJP9JE/1.jpg
166.0.195.51200 OK 11 kB URL GET HTTP/2 img.aosikaimge.com/20230609/zHJJP9JE/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 453x340, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8d3b7e7c8a7cb39f2a7fe1d58fb45260
914ff43571cc1749df9ab15e580e6b2dddc6f4b1
ed30871a119218a75f48347a04e2c75c0c25bbbe7fa1b2de81e1d7c16ebbb6a4
GET /20230609/zHJJP9JE/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 11326
last-modified: Fri, 09 Jun 2023 09:50:25 GMT
etag: "6482f5e1-2c3e"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u1010.com/de8aa26c3b91403bb8df9a76c231d424.gif
103.170.15.66200 OK 44 kB URL GET HTTP/2 u1010.com/de8aa26c3b91403bb8df9a76c231d424.gif
IP 103.170.15.66:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectu1010.com
FingerprintBE:0F:E7:A1:5E:32:BF:CE:5A:07:8B:ED:FF:AB:0C:F7:87:1F:D8:5E
ValiditySat, 29 Oct 2022 00:00:00 GMT - Sun, 29 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 250\012- data
Hash 6f42531b65d344c893a679937afcac43
8f80785997c717f24e8ece9b63ac9b7120c77829
a7b14524415b5cde082ec929eb1840475e7ed735a853ee57fb6fa09de60ddd77
GET /de8aa26c3b91403bb8df9a76c231d424.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=86400
etag: "64086ab0-ab8f"
server: nginx
date: Thu, 08 Jun 2023 05:51:22 GMT
content-type: image/gif
last-modified: Wed, 08 Mar 2023 11:00:00 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-56
content-length: 43919
X-Firefox-Spdy: h2
img.lytuchuang11.com/upload/vod/20230507-1/05dfc034493cdd710297143de7c24a9a.jpg
154.12.54.84200 OK 99 kB URL GET HTTP/1.1 img.lytuchuang11.com/upload/vod/20230507-1/05dfc034493cdd710297143de7c24a9a.jpg
IP 154.12.54.84:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectimg.lytuchuang11.com
FingerprintE3:3D:9D:A3:73:BC:09:47:F6:A1:B7:48:78:1F:5F:7A:8D:FB:93:0F
ValiditySat, 29 Apr 2023 13:39:30 GMT - Fri, 28 Jul 2023 13:39:29 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Hash 10ce0df6bb3ee6c14edd7c053df9f200
18d9f5dc147eec4c6e07be8f2f3d5f150c4f2107
c9506d10cb15be37ea752a7a54097ac994126374b3d6932bb70c0e7aa45750d1
GET /upload/vod/20230507-1/05dfc034493cdd710297143de7c24a9a.jpg HTTP/1.1
Host: img.lytuchuang11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 98792
Last-Modified: Sat, 06 May 2023 20:33:46 GMT
Connection: keep-alive
ETag: "6456b9aa-181e8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.aosikaimge.com/20230609/chNDrCLe/1.jpg
166.0.195.51200 OK 10 kB URL GET HTTP/2 img.aosikaimge.com/20230609/chNDrCLe/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 6333c254390df12f2f1b766e79499fa0
21fa57bf06be10f374fdcf968aa3eb85b06690ef
6f7b9d398a185b9a353079190c948cf0a669dc91cbb878c010751be7cb882a28
GET /20230609/chNDrCLe/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 10338
last-modified: Fri, 09 Jun 2023 09:19:00 GMT
etag: "6482ee84-2862"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.lytuchuang11.com/upload/vod/20230508-1/b299483a3d94f571f865534cc4cea288.jpg
154.12.54.84200 OK 136 kB URL GET HTTP/1.1 img.lytuchuang11.com/upload/vod/20230508-1/b299483a3d94f571f865534cc4cea288.jpg
IP 154.12.54.84:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectimg.lytuchuang11.com
FingerprintE3:3D:9D:A3:73:BC:09:47:F6:A1:B7:48:78:1F:5F:7A:8D:FB:93:0F
ValiditySat, 29 Apr 2023 13:39:30 GMT - Fri, 28 Jul 2023 13:39:29 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Size 136 kB (136256 bytes)
Hash 9ab416e0a9c4cc9c9a5da236f1836249
e4f34119307dd55f2e02d011a796a33e6b6d63a8
6d3cb86d29d36135399c2fa76f90590b0434480dd3a3e29cc490d4bf72ad5784
GET /upload/vod/20230508-1/b299483a3d94f571f865534cc4cea288.jpg HTTP/1.1
Host: img.lytuchuang11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 136256
Last-Modified: Sun, 07 May 2023 16:14:30 GMT
Connection: keep-alive
ETag: "6457ce66-21440"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.aosikaimge.com/20230424/PfZaR9ae/1.jpg
166.0.195.51200 OK 44 kB URL GET HTTP/2 img.aosikaimge.com/20230424/PfZaR9ae/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash 87f738bec8d83636a908938500234716
dc2822c98b93b9da1ad7344e19f85240bca42bd4
abfb9dc61dcd03c61184a19239e2183844a369e0793eae142a8dfcc9e84c60b4
GET /20230424/PfZaR9ae/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 44423
last-modified: Mon, 24 Apr 2023 13:36:52 GMT
etag: "644685f4-ad87"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/79OzmjvZ/1.jpg
166.0.195.51200 OK 9.2 kB URL GET HTTP/2 img.aosikaimge.com/20230609/79OzmjvZ/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 38b6c8a85992fad3b9b4fa6b770d0e86
ddc1f88a3d38a612450d9e1d74a419b09b1d0171
981b8693f39eec8bf5bc5d1f3111b467bd0172c7398e9bfa0f27783cab537391
GET /20230609/79OzmjvZ/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 9174
last-modified: Fri, 09 Jun 2023 09:05:14 GMT
etag: "6482eb4a-23d6"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/Wag7Sm4L/1.jpg
166.0.195.51200 OK 10 kB URL GET HTTP/2 img.aosikaimge.com/20230609/Wag7Sm4L/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d5bad16a682755f62ecbab8f9fd0ea50
d0a780ea6ef270002b62379b242c651f7ba3f84f
647e04bc49e7355b5abbef38e246b0863941e210f713fd38d35ffd52de19d6b8
GET /20230609/Wag7Sm4L/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 10521
last-modified: Fri, 09 Jun 2023 09:51:20 GMT
etag: "6482f618-2919"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/m4oZb2xq/1.jpg
166.0.195.51200 OK 10 kB URL GET HTTP/2 img.aosikaimge.com/20230609/m4oZb2xq/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ec3bcc6ad85549569bfc7c84405e7748
da2f5261940f3f89cd85c7b98900b224458c9593
a49888bdae8783feff9511e7328b0d53520d086fa8decf2c32201a258f766301
GET /20230609/m4oZb2xq/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 10355
last-modified: Fri, 09 Jun 2023 09:50:15 GMT
etag: "6482f5d7-2873"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/smG5XiPg/1.jpg
166.0.195.51200 OK 12 kB URL GET HTTP/2 img.aosikaimge.com/20230609/smG5XiPg/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 301380554a33e9c65f1e670e056df154
f7b558f6ca7490601c6566b852074e9e646f7ba1
de7e196e1d3f746b1b128b8a7e2ef165dacc8e21d3ae62714e3c0491c4933357
GET /20230609/smG5XiPg/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 12266
last-modified: Fri, 09 Jun 2023 09:02:18 GMT
etag: "6482ea9a-2fea"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.siwapay.com:5278/cvjpg/ubqMBQey.jpg
108.165.238.222200 OK 88 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/ubqMBQey.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Hash 3e179e2f6609a3c8ae91db67130e850a
a3530cd3c9b8c7c8ab5cb1311485ed0fc3e7c7b9
8e675cbf4740425de6d56bc919364fe947ea624862dbd4893b674d20e4006572
GET /cvjpg/ubqMBQey.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 88546
last-modified: Sun, 21 May 2023 08:31:32 GMT
etag: "6469d6e4-159e2"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/0qtSgnTb/1.jpg
166.0.195.51200 OK 9.4 kB URL GET HTTP/2 img.aosikaimge.com/20230609/0qtSgnTb/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4862d5374d40151230f08decd3b6a898
44ac54358949d0e3dcd20766c71a4df4a2194984
077f2145c8df46f4b2f3cbf1208df1a19861ed57399a1edb7f22b77d565dcf4b
GET /20230609/0qtSgnTb/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 9426
last-modified: Fri, 09 Jun 2023 09:25:19 GMT
etag: "6482efff-24d2"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/deItbTkG/1.jpg
166.0.195.51200 OK 8.9 kB URL GET HTTP/2 img.aosikaimge.com/20230609/deItbTkG/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 0e53b249fb668db319ef3c6f1b884754
d1ec4b58d2a813d4f1e627096002ad0ed5fc1da3
ee6fc4bb4dc83cfe275c862e62937cc04e65a5aa03ef3b0a3872a8fe8103fbb6
GET /20230609/deItbTkG/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 8918
last-modified: Fri, 09 Jun 2023 09:13:24 GMT
etag: "6482ed34-22d6"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.aosikaimge.com/20230609/Kej3PtOK/1.jpg
166.0.195.51200 OK 12 kB URL GET HTTP/2 img.aosikaimge.com/20230609/Kej3PtOK/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash da1fecc8343807e89bebf079e4deabfd
bc1a1e62f0eb972a841256a31e67da0532b00bf8
03996ae8280c3098c16ed8ec0f45ec888a7647a70e20e770bdaa0be86d5a8444
GET /20230609/Kej3PtOK/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 12374
last-modified: Fri, 09 Jun 2023 09:49:35 GMT
etag: "6482f5af-3056"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.siwapay.com:5278/cvjpg/EmPz39ue.jpg
108.165.238.222200 OK 25 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/EmPz39ue.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 720x415, components 3\012- data
Hash 84733980cf6c88f8fcb5aaa4ef5e9221
229f548d9f69bdf754c77bf80b3b1525d1df3a66
2248e1d193454f8b818e16aab99552caed6ebe68f4ace7a3a3ef5410ea18ca4a
GET /cvjpg/EmPz39ue.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 25120
last-modified: Tue, 23 May 2023 07:38:37 GMT
etag: "646c6d7d-6220"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.lytuchuang11.com/upload/vod/20230511-1/5a6e2dc34eefba7e7b82300fd2677d62.jpg
154.12.54.84200 OK 196 kB URL GET HTTP/1.1 img.lytuchuang11.com/upload/vod/20230511-1/5a6e2dc34eefba7e7b82300fd2677d62.jpg
IP 154.12.54.84:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectimg.lytuchuang11.com
FingerprintE3:3D:9D:A3:73:BC:09:47:F6:A1:B7:48:78:1F:5F:7A:8D:FB:93:0F
ValiditySat, 29 Apr 2023 13:39:30 GMT - Fri, 28 Jul 2023 13:39:29 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2022:04:25 11:38:52], progressive, precision 8, 785x523, components 3\012- data
Size 196 kB (196221 bytes)
Hash 4c11c44116c6fbf28760b06ea408d7fe
6720c1e52641b3d95d877070c99e2626d678edec
f1c4ffecdb7d1d0e1dc2db6ff2c0ebc55985e5e871e904ccb53e9b5704fbb550
GET /upload/vod/20230511-1/5a6e2dc34eefba7e7b82300fd2677d62.jpg HTTP/1.1
Host: img.lytuchuang11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 196221
Last-Modified: Thu, 11 May 2023 00:31:24 GMT
Connection: keep-alive
ETag: "645c375c-2fe7d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.aosikaimge.com/20230510/gGrVMhq0/1.jpg
166.0.195.51200 OK 239 kB URL GET HTTP/2 img.aosikaimge.com/20230510/gGrVMhq0/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3\012- data
Size 239 kB (239132 bytes)
Hash 5cbe08abd1451fce39fcfcbb1835c4d5
ef0d10ec360e0c351e3abe9322df01b2cd0ed1c1
d05571885beec752c5a3b74de7631bba25b1543b6452850b1bc753e5c0b045c9
GET /20230510/gGrVMhq0/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 239132
last-modified: Thu, 11 May 2023 03:20:26 GMT
etag: "645c5efa-3a61c"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.siwapay.com:5278/cvjpg/ev8HXtJM.jpg
108.165.238.222200 OK 61 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/ev8HXtJM.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Hash b15a6b83d4a605f817d0d08f25e902df
5dbb45f88a720115151e7beb133016d49a643704
0e9b86da43477e0ec355b038d506f6e7c57377e40f4afd4ab86473a77d6bbaf0
GET /cvjpg/ev8HXtJM.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 61215
last-modified: Tue, 04 Apr 2023 08:05:15 GMT
etag: "642bda3b-ef1f"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.lytuchuang10.com/upload/vod/20230426-1/c8e8fb83068e1fcc93fa999d696d9d13.jpg
154.12.54.75200 OK 156 kB URL GET HTTP/1.1 img.lytuchuang10.com/upload/vod/20230426-1/c8e8fb83068e1fcc93fa999d696d9d13.jpg
IP 154.12.54.75:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerBuypass AS-983163327
Subjectimg.lytuchuang10.com
Fingerprint66:95:19:CC:3F:2D:7E:10:67:F2:42:E1:25:2B:31:F9:78:44:79:85
ValidityTue, 14 Feb 2023 10:51:45 GMT - Sat, 12 Aug 2023 21:59:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Intel(R) JPEG Library, version [1.51.13.45]", baseline, precision 8, 680x453, components 3\012- data
Size 156 kB (155881 bytes)
Hash ce7cf3a7a830da0b854655cce3c06c80
ab0b461dff6bca4f3d412bfd0916ae5f2d6228a5
6980965d3ed4c4423dcab44ff44a95f9973e916f6ddadc7086d88149a483b37c
GET /upload/vod/20230426-1/c8e8fb83068e1fcc93fa999d696d9d13.jpg HTTP/1.1
Host: img.lytuchuang10.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 155881
Last-Modified: Tue, 25 Apr 2023 18:00:14 GMT
Connection: keep-alive
ETag: "6448152e-260e9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 7520a307d0ac37a954f2157c4b51e683
892ee7808f6184362f0b64c69d74410d4be59e55
598c41ddbc78e99a8384f41c868e64d7333e018fc3fcd07bd2944378c686466c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 05:47:25 GMT
Expires: Thu, 15 Jun 2023 05:47:24 GMT
Etag: "892ee7808f6184362f0b64c69d74410d4be59e55"
Cache-Control: max-age=499494,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d48d3464acdb511-OSL
img.aosikaimge.com/20230430/e1GCnPzK/1.jpg
166.0.195.51200 OK 211 kB URL GET HTTP/2 img.aosikaimge.com/20230430/e1GCnPzK/1.jpg
IP 166.0.195.51:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintAE:25:6E:2D:01:4E:2A:74:4F:91:BD:2B:32:AF:0F:A0:1D:14:6B:DE
ValidityTue, 29 Nov 2022 14:37:17 GMT - Thu, 28 Dec 2023 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 211 kB (211141 bytes)
Hash c1d9d2d40f6f595ca5ca50cb4113aaa9
d07a3a7dcf2db050bb9cbfc097271459039265d4
6909dd443bd2d432d077568d020b727cc094be5f2b826b3505dfaef8f4753b9a
GET /20230430/e1GCnPzK/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 211141
last-modified: Sun, 30 Apr 2023 16:21:29 GMT
etag: "644e9589-338c5"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.lytuchuang10.com/upload/vod/20230428-1/5ce63f0cbecbe3ec7364304ae63272e7.jpg
154.12.54.75200 OK 195 kB URL GET HTTP/1.1 img.lytuchuang10.com/upload/vod/20230428-1/5ce63f0cbecbe3ec7364304ae63272e7.jpg
IP 154.12.54.75:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerBuypass AS-983163327
Subjectimg.lytuchuang10.com
Fingerprint66:95:19:CC:3F:2D:7E:10:67:F2:42:E1:25:2B:31:F9:78:44:79:85
ValidityTue, 14 Feb 2023 10:51:45 GMT - Sat, 12 Aug 2023 21:59:00 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=523, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=785], baseline, precision 8, 800x533, components 3\012- data
Size 195 kB (195183 bytes)
Hash 5b4b247c137f1916b8bd5c478dd8a2c2
1861bd94e36651f5f936e9e7dcab52ddfd7ca120
c06c93ed34d6e92efb535886c92662a83b1c6008dff1540a6726c29e32c0660f
GET /upload/vod/20230428-1/5ce63f0cbecbe3ec7364304ae63272e7.jpg HTTP/1.1
Host: img.lytuchuang10.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 195183
Last-Modified: Thu, 27 Apr 2023 17:04:45 GMT
Connection: keep-alive
ETag: "644aab2d-2fa6f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.lytuchuang11.com/upload/vod/20230430-1/5962b49c77e403f860b69d0a74d0bd01.jpg
154.12.54.84200 OK 226 kB URL GET HTTP/1.1 img.lytuchuang11.com/upload/vod/20230430-1/5962b49c77e403f860b69d0a74d0bd01.jpg
IP 154.12.54.84:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectimg.lytuchuang11.com
FingerprintE3:3D:9D:A3:73:BC:09:47:F6:A1:B7:48:78:1F:5F:7A:8D:FB:93:0F
ValiditySat, 29 Apr 2023 13:39:30 GMT - Fri, 28 Jul 2023 13:39:29 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=523, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=785], baseline, precision 8, 800x533, components 3\012- data
Size 226 kB (225570 bytes)
Hash 31631bf94c3beedcdd6171c7dde4fbd6
3eee1413c4e9f4cca74a1a6717f7cf5b18149293
b83a02e0c3e2cc6060b6dc0bd0c53a7253ec508bee0c8ba169f33fc96cb96155
GET /upload/vod/20230430-1/5962b49c77e403f860b69d0a74d0bd01.jpg HTTP/1.1
Host: img.lytuchuang11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 225570
Last-Modified: Sat, 29 Apr 2023 17:59:34 GMT
Connection: keep-alive
ETag: "644d5b06-37122"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.siwapay.com:5278/cvjpg/sLPgc7Cz.jpg
108.165.238.222200 OK 51 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/sLPgc7Cz.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Hash 0e4a63288d42c3fb18e143c043d6256d
49361546ba7369e81e2dd449a1b2d718a581895b
ecae8dedcf5940a96d04ba6adf7b5ee5141fb569340ed7b0be02dc6c295e857d
GET /cvjpg/sLPgc7Cz.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 50739
last-modified: Tue, 04 Apr 2023 07:51:29 GMT
etag: "642bd701-c633"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.lytuchuang11.com/upload/vod/20230511-1/0c3bfd66e74ecf26425fdf49ac58b851.jpg
154.12.54.84200 OK 300 kB URL GET HTTP/1.1 img.lytuchuang11.com/upload/vod/20230511-1/0c3bfd66e74ecf26425fdf49ac58b851.jpg
IP 154.12.54.84:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectimg.lytuchuang11.com
FingerprintE3:3D:9D:A3:73:BC:09:47:F6:A1:B7:48:78:1F:5F:7A:8D:FB:93:0F
ValiditySat, 29 Apr 2023 13:39:30 GMT - Fri, 28 Jul 2023 13:39:29 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2022:05:02 11:34:00], baseline, precision 8, 785x523, components 3\012- data
Size 300 kB (299923 bytes)
Hash 4446993c2926806394fbde301ce4286c
1b87e0c16736e2317a3b9663be4edac8f02c0f6e
18aecf861d5dc978defa6af29b4bab25721766a45df5e6a7b4e8b586f7f4f4d0
GET /upload/vod/20230511-1/0c3bfd66e74ecf26425fdf49ac58b851.jpg HTTP/1.1
Host: img.lytuchuang11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 299923
Last-Modified: Thu, 11 May 2023 00:31:26 GMT
Connection: keep-alive
ETag: "645c375e-49393"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.siwapay.com:5278/cvjpg/ujdRGYKn.jpg
108.165.238.222200 OK 86 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/ujdRGYKn.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Hash 9aa48e9843395d819c1deeb67912a3ae
3d1d4b239cd5880dc534e3d87773891f87d67887
052669d8ad3902fe86ead5590b55c96be4994a96aa077333d1bde4c7802f3fde
GET /cvjpg/ujdRGYKn.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: image/jpeg
content-length: 85679
last-modified: Tue, 04 Apr 2023 07:43:14 GMT
etag: "642bd512-14eaf"
x-cache-server: s194, s74
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
img.lytuchuang10.com/upload/vod/20230419-1/bae146c5e2ab460b1f769c5f2eea3bcc.jpg
154.12.54.75200 OK 227 kB URL GET HTTP/1.1 img.lytuchuang10.com/upload/vod/20230419-1/bae146c5e2ab460b1f769c5f2eea3bcc.jpg
IP 154.12.54.75:443
ASN #22769 DDOSING-BGP-NETWORK
Requested by https://www.hntv2298.top/
Certificate IssuerBuypass AS-983163327
Subjectimg.lytuchuang10.com
Fingerprint66:95:19:CC:3F:2D:7E:10:67:F2:42:E1:25:2B:31:F9:78:44:79:85
ValidityTue, 14 Feb 2023 10:51:45 GMT - Sat, 12 Aug 2023 21:59:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 227 kB (226570 bytes)
Hash f93c11b87212fd51a850216e247a5143
c0e3d8cd176f832948dc2bb435afa31e79a7e388
18ad709cc45274496046068601cb55e56fd233911838573dc9b4ab978b139cdb
GET /upload/vod/20230419-1/bae146c5e2ab460b1f769c5f2eea3bcc.jpg HTTP/1.1
Host: img.lytuchuang10.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:28 GMT
Content-Type: image/jpeg
Content-Length: 226570
Last-Modified: Wed, 19 Apr 2023 01:42:59 GMT
Connection: keep-alive
ETag: "643f4723-3750a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.siwapay.com:5278/cvjpg/8DzYU2kH.jpg
108.165.238.222200 OK 59 kB URL GET HTTP/2 img.siwapay.com:5278/cvjpg/8DzYU2kH.jpg
IP 108.165.238.222:5278
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subject*.siwapay.com
Fingerprint3C:40:2A:7E:D7:3F:32:1D:95:9F:0A:44:C0:48:92:45:59:D5:B5:06
ValidityFri, 02 Dec 2022 00:00:00 GMT - Sat, 02 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 980x550, components 3\012- data
Hash 9bf2c6886878bf47a247e7a6a2daa4b5
87118533c5527870bb0d7f115843286ae151fa4d
032e469b59807e507c330db2a1b309849afb83bb14e5d3e1d1bacc11e71af21b
GET /cvjpg/8DzYU2kH.jpg HTTP/1.1
Host: img.siwapay.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:29 GMT
content-type: image/jpeg
content-length: 59159
last-modified: Thu, 25 May 2023 06:33:08 GMT
etag: "646f0124-e717"
x-cache-server: s194
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
X-Firefox-Spdy: h2
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?r=http%3A%2F%2Fwww.needtakehave.com%2F&l=https://www.hntv2298.top/
104.193.88.123200 OK 0 B URL GET HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?r=http%3A%2F%2Fwww.needtakehave.com%2F&l=https://www.hntv2298.top/
IP 104.193.88.123:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
ValidityTue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?r=http%3A%2F%2Fwww.needtakehave.com%2F&l=https://www.hntv2298.top/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Jun 2023 10:52:30 GMT
www.tz26.xyz:6188/n.js
0.0.0.0 0 B IP 0.0.0.0:0
Requested by http://www.needtakehave.com/fandomforever/lauthors/Customer/Billing/Address/Verification/secure/customer/center/Authentication/Amazon.com/error.php
Certificate IssuerTrustAsia Technologies, Inc.
Subjecttz26.xyz
FingerprintE6:92:B7:A2:91:D5:EE:E3:40:81:CE:4A:15:B3:98:FF:27:91:48:81
ValiditySun, 05 Mar 2023 00:00:00 GMT - Mon, 04 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /n.js HTTP/1.1
Host: www.tz26.xyz:6188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.needtakehave.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.hntv2298.top/template/1/static/css/white.css
188.114.96.1200 OK 11 kB URL GET HTTP/3 www.hntv2298.top/template/1/static/css/white.css
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/1/static/css/white.css HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: text/css
last-modified: Thu, 20 Apr 2023 10:46:11 GMT
vary: Accept-Encoding
etag: W/"644117f3-2b6f"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezdppc2mK%2BmMUqhX64SNjCraEnrHkPMgUOah95lqJoopundz7c5%2FD9HocOM58Ho7YLj4%2FeaxJhopjwCInZltTftg5U%2Bw9jUhZwA7zb4hVKIorgw4eTU6UwMTBwBLg0HZj56s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3297f87b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.hntv2298.top/template/1/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
188.114.96.1200 OK 13 kB URL GET HTTP/3 www.hntv2298.top/template/1/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
GET /template/1/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/template/1/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: font/woff
content-length: 13408
last-modified: Sat, 13 Nov 2021 12:13:58 GMT
etag: "618fac06-3460"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPfgJRdCDz%2B7SvyYv4%2FvUo8%2BcZhVHmvOhCURmWsITrzdsQrfsyuDPhYoy79hoaFAjVbWeRexbaaTEY968w5ZrAy2HcjHLGVHVOIV8XSFfjoAKcjCNO4N6YPU4Bx7s4TjwUH2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d48d341bec1b512-OSL
alt-svc: h3=":443"; ma=86400
js.users.51.la/21298467.js
42.236.73.41200 OK 4.9 kB URL GET HTTP/1.1 js.users.51.la/21298467.js
IP 42.236.73.41:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type ASCII text, with very long lines (5147), with no line terminators
Hash fa27476387601e30595fbc088892fcd0
69f3cd61104fc49a2346df7b5995104716949873
bca61a9ebfc0978b9ed573c2eedf94d710a42a09e3556aa7ed1a63ddccab3bc9
GET /21298467.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-store
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ia.51.la/go1?id=21298467&rt=1686307946835&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9&ing=1&ekc=&sid=1686307946835&tt=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E7%25BD%2591%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25B9%25B2%25E4%25BA%25BA%25E4%25BA%25BA%25E6%2593%258D&kw=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E7%25BD%2591%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25B9%25B2%25E4%25BA%25BA%25E4%25BA%25BA%25E6%2593%258D&cu=https%253A%252F%252Fwww.hntv2298.top%252F&pu=http%253A%252F%252Fwww.needtakehave.com%252F
42.236.73.39200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=21298467&rt=1686307946835&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9&ing=1&ekc=&sid=1686307946835&tt=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E7%25BD%2591%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25B9%25B2%25E4%25BA%25BA%25E4%25BA%25BA%25E6%2593%258D&kw=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E7%25BD%2591%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25B9%25B2%25E4%25BA%25BA%25E4%25BA%25BA%25E6%2593%258D&cu=https%253A%252F%252Fwww.hntv2298.top%252F&pu=http%253A%252F%252Fwww.needtakehave.com%252F
IP 42.236.73.39:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21298467&rt=1686307946835&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9&ing=1&ekc=&sid=1686307946835&tt=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E7%25BD%2591%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25B9%25B2%25E4%25BA%25BA%25E4%25BA%25BA%25E6%2593%258D&kw=%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E7%2599%25BE%25E5%25BA%25A6%252C97%25E4%25BA%25BA%25E4%25BA%25BA%25E6%25A8%25A1%25E4%25BA%25BA%25E4%25BA%25BA%25E7%2588%25BD%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2596%258A%25E4%25B8%258B%25E8%25BD%25BD%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E7%25BD%2591%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25B9%25B2%25E4%25BA%25BA%25E4%25BA%25BA%25E6%2593%258D&cu=https%253A%252F%252Fwww.hntv2298.top%252F&pu=http%253A%252F%252Fwww.needtakehave.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Content-Length: 0
Date: Fri, 09 Jun 2023 10:50:58 GMT
pv.dakawm.cc/pv.php?op=pv&ext=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS
172.247.46.210200 OK 8 B URL GET HTTP/2 pv.dakawm.cc/pv.php?op=pv&ext=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS
IP 172.247.46.210:443
Requested by https://www.hntv2298.top/
Certificate IssuerTrustAsia Technologies, Inc.
Subjectpv.dakawm.cc
FingerprintFA:1A:76:57:AD:B2:38:9F:62:B6:B5:29:89:67:88:60:7D:BA:3A:E4
ValiditySat, 06 May 2023 00:00:00 GMT - Sun, 05 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 970151117f726d3c977155c6a372ed3e
84b97c27873f6dc31380c6eb39334b085a078d2c
1c80900a96fbd9fd461e3bc6e553a86bf71c037a11e814fd9f6102d0390f98fd
GET /pv.php?op=pv&ext=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS HTTP/1.1
Host: pv.dakawm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hntv2298.top
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xo.imgwawawa.vip/xo/xo120av.gif
162.250.140.182200 OK 570 kB URL GET HTTP/1.1 xo.imgwawawa.vip/xo/xo120av.gif
IP 162.250.140.182:443
Requested by https://www.hntv2298.top/
Certificate IssuerLet's Encrypt
Subjectxo.imgwawawa.vip
Fingerprint93:AD:E7:A5:05:B8:96:CC:BA:97:54:62:5D:D6:4A:15:6A:B8:29:B3
ValidityMon, 05 Jun 2023 11:12:58 GMT - Sun, 03 Sep 2023 11:12:57 GMT
File type GIF image data, version 89a, 960 x 120\012- data
Size 570 kB (569804 bytes)
Hash 191902ddeb2004b36af31d0be89d8c09
2946b327898354bb8f4675be1a22c2e63dec8d69
ce7a7a27b5d2c285e85a4c306f4f6e21141137b3f592e56bb7a1317babacad97
GET /xo/xo120av.gif HTTP/1.1
Host: xo.imgwawawa.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 10:52:24 GMT
Content-Type: image/gif
Content-Length: 569804
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 22:31:03 GMT
ETag: "641398a7-8b1cc"
Expires: Sat, 08 Jul 2023 11:10:17 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
d.drtyujgsg.xyz/ty/sv?gp=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS&u_fv=0&u_url=aHR0cCUzQSUyRiUyRnd3dy5uZWVkdGFrZWhhdmUuY29tJTJG&r_url=aHR0cHMlM0ElMkYlMkZ3d3cuaG50djIyOTgudG9wJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=400&iv=wccic.1686307945&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
23.225.154.19200 OK 1 B URL GET HTTP/2 d.drtyujgsg.xyz/ty/sv?gp=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS&u_fv=0&u_url=aHR0cCUzQSUyRiUyRnd3dy5uZWVkdGFrZWhhdmUuY29tJTJG&r_url=aHR0cHMlM0ElMkYlMkZ3d3cuaG50djIyOTgudG9wJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=400&iv=wccic.1686307945&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
IP 23.225.154.19:443
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectd.dfghaqea.xyz
Fingerprint31:DE:CA:34:51:01:DA:AE:67:65:CC:27:86:69:F3:D4:33:6D:21:6B
ValidityWed, 04 Jan 2023 00:00:00 GMT - Thu, 04 Jan 2024 23:59:59 GMT
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/sv?gp=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS&u_fv=0&u_url=aHR0cCUzQSUyRiUyRnd3dy5uZWVkdGFrZWhhdmUuY29tJTJG&r_url=aHR0cHMlM0ElMkYlMkZ3d3cuaG50djIyOTgudG9wJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=400&iv=wccic.1686307945&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49 HTTP/1.1
Host: d.drtyujgsg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.hntv2298.top/template/1/static/css/swiper.min.css
188.114.96.1200 OK 18 kB URL GET HTTP/3 www.hntv2298.top/template/1/static/css/swiper.min.css
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
File type ASCII text, with very long lines (17459)
Hash 6af34d0737ad0ca608111771cf74cc79
15d0417baa08a741c6aee19fdfbf4813635f98f8
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
GET /template/1/static/css/swiper.min.css HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: text/css
last-modified: Sat, 13 Nov 2021 12:48:34 GMT
vary: Accept-Encoding
etag: W/"618fb422-455f"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65TPkXh6wKClJm1f3iPEcG7llfXUaO4LCmlzUUsPbMWizphtelYQrdegya3pDfK32xpAYdicCMV8yUeCYL5j50hNrQoZzgNRivmnhyx0HANV4DVVpSUDXXbfdpkehZUe7oQJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3297f81b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pic1.semaobf1.com/20220510/A52BDD1092C22773/A52BDD1092C22773.jpg
109.122.211.21200 OK 82 kB URL GET HTTP/1.1 pic1.semaobf1.com/20220510/A52BDD1092C22773/A52BDD1092C22773.jpg
IP 109.122.211.21:443
Requested by https://www.hntv2298.top/
Certificate IssuerUnizeto Technologies S.A.
Subjectpic1.semaobf1.com
Fingerprint0F:81:FA:1A:95:AC:0E:9B:46:F1:2C:C7:B4:5D:4B:F3:27:B9:49:5A
ValidityMon, 02 Jan 2023 12:05:17 GMT - Wed, 31 Jan 2024 00:00:00 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 600x400, components 3\012- data
Hash c2877ed58106a9104b7be707dbe9f6c6
8d8fd0d80dd933aa5eef812c3b2b75ef4994a7b2
f5f2adb11e360007f6f59fad59dca8947537bdc5f0c9d9e9de455b71ccd5e586
GET /20220510/A52BDD1092C22773/A52BDD1092C22773.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 09 Jun 2023 10:52:27 GMT
Content-Type: image/jpeg
Content-Length: 82398
Last-Modified: Wed, 07 Sep 2022 12:54:13 GMT
Connection: keep-alive
ETag: "63189475-141de"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
v.vhqweree.xyz/ty/5BA42D0E-8B1D-6601-33-B75D4FA79BE9.blpha
0.0.0.0 0 B URL GET v.vhqweree.xyz/ty/5BA42D0E-8B1D-6601-33-B75D4FA79BE9.blpha
IP 0.0.0.0:0
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectv.vfsdgjrr.xyz
Fingerprint05:2D:08:7A:8D:E7:79:7D:B1:16:3C:43:9A:4D:FF:68:AC:E9:5B:A5
ValidityWed, 04 Jan 2023 00:00:00 GMT - Thu, 04 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/5BA42D0E-8B1D-6601-33-B75D4FA79BE9.blpha HTTP/1.1
Host: v.vhqweree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Fri, 09 Jun 2023 10:52:26 GMT
expires: Fri, 09 Jun 2023 11:07:26 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
d.drtyujgsg.xyz/ty/sv?gp=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS&u_fv=0&u_url=aHR0cCUzQSUyRiUyRnd3dy5uZWVkdGFrZWhhdmUuY29tJTJG&r_url=aHR0cHMlM0ElMkYlMkZ3d3cuaG50djIyOTgudG9wJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=400&iv=wccic.1686307945&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
23.225.154.19200 OK 1 B URL GET HTTP/2 d.drtyujgsg.xyz/ty/sv?gp=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS&u_fv=0&u_url=aHR0cCUzQSUyRiUyRnd3dy5uZWVkdGFrZWhhdmUuY29tJTJG&r_url=aHR0cHMlM0ElMkYlMkZ3d3cuaG50djIyOTgudG9wJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=400&iv=wccic.1686307945&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49
IP 23.225.154.19:443
Requested by https://www.hntv2298.top/
Certificate IssuerSectigo Limited
Subjectd.dfghaqea.xyz
Fingerprint31:DE:CA:34:51:01:DA:AE:67:65:CC:27:86:69:F3:D4:33:6D:21:6B
ValidityWed, 04 Jan 2023 00:00:00 GMT - Thu, 04 Jan 2024 23:59:59 GMT
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/sv?gp=2050RQfI3M5+PiGb8o0kND70yTSIGVXlpYmZyHdTJQoVrbVaKwcxieo6nSxnKIzW3vG3IrPk/u2cuUyJ3uHfj5pWiX3PlTexXQtpqkFGeSHFRfRXq6febcvFiSya5tkU/f/kBB3QR8uBSAtQ79QelxACcELsiHoELg7nwUm6dWpPGUho/mPCOsL93fOc6gXyecoS&u_fv=0&u_url=aHR0cCUzQSUyRiUyRnd3dy5uZWVkdGFrZWhhdmUuY29tJTJG&r_url=aHR0cHMlM0ElMkYlMkZ3d3cuaG50djIyOTgudG9wJTJG&u_sw=1280&u_sh=1024&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=en-US&enjc=11&u_bw=1280&u_bh=400&iv=wccic.1686307945&u_utz=0&yd=ZGNjPSZkY2w9JmNwbj0mZ3ZkPSZncnI9JmN0PTEmZGlpdD0mZGl0PSZjbW49 HTTP/1.1
Host: d.drtyujgsg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 10:52:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48200 OK 308 B URL GET HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:443
ASN #136958 China Unicom Guangdong IP network
Requested by https://www.hntv2298.top/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
ValidityTue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT
File type ASCII text, with very long lines (322), with no line terminators
Hash a498658e3623a4285649fd750e8e7f17
03f671b76709d9ecadce4a82348c852b6a1d5149
399125132825b666ee5d39bf0849d027d2ca21783be029cb001673f86579dd8a
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 09 Jun 2023 10:52:28 GMT
content-type: application/x-javascript
last-modified: Fri, 30 Dec 2022 21:48:54 GMT
etag: "63af5cc6-134"
cache-control: max-age=86400
content-encoding: br
age: 11545
accept-ranges: bytes
tracecode: 32680671510667914250060914
ohc-global-saved-time: Fri, 09 Jun 2023 06:54:28 GMT
ohc-cache-hit: gz3un50 [2], zhuzuncache61 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
www.hntv2298.top/template/1/static/css/bootstrap.min.css
188.114.96.1200 OK 140 kB URL GET HTTP/3 www.hntv2298.top/template/1/static/css/bootstrap.min.css
IP 188.114.96.1:443
Requested by https://www.hntv2298.top/
Certificate IssuerGoogle Trust Services LLC
Subjecthntv2298.top
FingerprintDE:14:E3:FE:D7:FF:EE:3A:D1:6E:8F:49:72:70:4C:64:CB:B3:19:0F
ValiditySun, 04 Jun 2023 09:50:06 GMT - Sat, 02 Sep 2023 09:50:05 GMT
Size 140 kB (139715 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/1/static/css/bootstrap.min.css HTTP/1.1
Host: www.hntv2298.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hntv2298.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 10:52:24 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 01:48:08 GMT
vary: Accept-Encoding
etag: W/"628ae7d8-221c3"
expires: Fri, 09 Jun 2023 22:52:24 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WknV1G8vYD7bIXdrJu3FNPUULfCKovfp8uu375XOdu7hGdYqkBfxa0CipwBsjztDHFRvENihNJKS1Aa219ZrTSdjEx%2BwgovMPIVR8OzB8izR1UVHViLFN1j8rwnsDTb%2F2bvS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d48d3295f4db512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400