r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e997bec759570aa0db03e31bf013cc2
948fd8263ab0b40f75eaf9495f76a7f39f39d5f9
853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3791
Expires: Fri, 28 Oct 2022 00:47:12 GMT
Date: Thu, 27 Oct 2022 23:44:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=121777
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:01 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 09:33:38 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4569
Expires: Fri, 28 Oct 2022 01:00:10 GMT
Date: Thu, 27 Oct 2022 23:44:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SD99JUjdo2nnf60EAP3UCBnPeUbm9RPS+CkrcaRkAW0uQsA28chbIF/VGS6p+0RyI7+opI6tmKg=
x-amz-request-id: VAEMDWJF8N8289CE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 23:10:02 GMT
age: 2039
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 23:44:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.7145.top/ud56/?4h=XqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv/DVRAH4jfIwEt3ZPwYv5B5A==&MBZt_F=KxlpixEx
156.237.140.57200 OK 554 B URL HTTP/1.1 www.7145.top/ud56/?4h=XqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv/DVRAH4jfIwEt3ZPwYv5B5A==&MBZt_F=KxlpixEx
IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (670), with CRLF line terminators
Hash 9c20e2810a6905aa473b0b2bfb21a1ed
b6ddefc1bf91f488ff6ea3b15afa73a489c0c058
d71070868966c7a461a4fe1323374ae7808375154592bef4acc30dd8ca1f8390
GET /ud56/?4h=XqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv/DVRAH4jfIwEt3ZPwYv5B5A==&MBZt_F=KxlpixEx HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6136
Cache-Control: max-age=122703
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:02 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:49:05 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.7145.top/common.js
156.237.140.57200 OK 561 B IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 287855360d13de35f112971cbf8d31db
9fd261c0c3179d0c9412459194479ea7dbd59eda
e1b90568f4b507805e3c69f040d40ae78517b1ac8dc09e1b3f44ca1eb695f7fc
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/ud56/?4h=XqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv/DVRAH4jfIwEt3ZPwYv5B5A==&MBZt_F=KxlpixEx
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:02 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
www.7145.top/tj.js
156.237.140.57200 OK 258 B IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash ad4691a2d72ad99116e4e23e5d734186
1f4d735991de74cf20521f8ab8630779f59427d3
0c29cd12a668f248f8e820eb57c6e61ca511158c55ab796e2fe3227d231ac079
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/ud56/?4h=XqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv/DVRAH4jfIwEt3ZPwYv5B5A==&MBZt_F=KxlpixEx
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:02 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JDc59Gpev8YIWclIndD7cQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N9RdJq3T+go3PcLyQ03vXMoJJY4=
www.7145.top/favicon.ico
156.237.140.57200 OK 1.2 kB IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/ud56/?4h=XqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv/DVRAH4jfIwEt3ZPwYv5B5A==&MBZt_F=KxlpixEx
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:03 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 01 Nov 2022 23:44:03 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
tkc.tsdt2.top/
122.10.111.13200 OK 191 B IP 122.10.111.13:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 5bf60b461148897a2ec42e38f54d9600
79310df933ad7066446386cd2b469c1ee2e8bc22
f03056f464bc84a6094f5b4eb1f6e3a679243561161d29dc32a3ba2959fef0ed
GET / HTTP/1.1
Host: tkc.tsdt2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:31:01 GMT
Accept-Ranges: bytes
ETag: "718a2d23cccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 23:44:02 GMT
Content-Length: 191
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9854
Expires: Fri, 28 Oct 2022 02:28:18 GMT
Date: Thu, 27 Oct 2022 23:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9854
Expires: Fri, 28 Oct 2022 02:28:18 GMT
Date: Thu, 27 Oct 2022 23:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9854
Expires: Fri, 28 Oct 2022 02:28:18 GMT
Date: Thu, 27 Oct 2022 23:44:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fd7879c-222e-44fb-b069-3d4b1253d118.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fd7879c-222e-44fb-b069-3d4b1253d118.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ab67cc14dbcb358f6c40ed70c63fc5
9bf69cbc25363ddc90a4040ac8059a346e674aeb
08d9c053c187f965aa71c9f64ede606d7ba048db0b994b47365fe525d11b0b53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fd7879c-222e-44fb-b069-3d4b1253d118.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: d9c203ef-7b47-47a5-98ee-0853ea6926f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv1_FDcIAMFjUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9bf-0693b0ab5413673511c43789;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:35:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VpUtN7Bh1xsdQL91QtWul3gGCfNhtKTv1xKnckZyloG7aGHL0uX3-A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:18 GMT
age: 7366
etag: "9bf69cbc25363ddc90a4040ac8059a346e674aeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbcff2ea-8593-4bcf-b1fc-9436dff0e1a5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbcff2ea-8593-4bcf-b1fc-9436dff0e1a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26576d68b60104eef7a7c7a1e92f2ef2
e111ba254d84ab1d05eac51b8cc15af9b388e6fe
bf68e56fd052d9d3507b3b940b9f40dfa5f4589f391aa69ed3c64be2efe9d731
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbcff2ea-8593-4bcf-b1fc-9436dff0e1a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: b6c88321-f3f2-4ff2-a264-7ea22196e9ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv3OF_LIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9c7-072c1c6871641ded27c5a4d0;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vz26cKiK8blIoDwoRRN02X4u4XRhYVi6FDCIil3f_d1mTFRZi-YIfQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:18 GMT
age: 7366
etag: "e111ba254d84ab1d05eac51b8cc15af9b388e6fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0beffd34-28f8-426e-9903-0c9e8e682498.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0beffd34-28f8-426e-9903-0c9e8e682498.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0fb7946977ae30ca71ee4e0e8c8b4f5
d7bc764972e1113c55969131fb15252a10db9257
acbc9cf0d1d9d72240a46dd7c828f4f3c19729751c1110d00cb5eb243ecaca5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0beffd34-28f8-426e-9903-0c9e8e682498.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9716
x-amzn-requestid: aef98b3b-256a-4c97-98cc-3f401b949755
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv19Gp3IAMFzkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9bf-39cb1f173f545d7223a5f865;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:35:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KmiXq5sohOZRTQB-UzcvlgCot8LIz3eEqSjypT5c4xIYNMHtY-FKCA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:18 GMT
age: 7366
etag: "d7bc764972e1113c55969131fb15252a10db9257"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 348e4d5f46d652d497f9ad078d1dea3e
7ab34ed8ae4e7048edd25f8b533d5237dea83688
dd02da6461e36a128579a3fb26da4c7f303b5683b27a7bd7a50309d4101cba3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8323
x-amzn-requestid: 4b90019d-6e8c-498d-8627-e4f0c9dda30e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw0gGYKoAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb4f-620a4264143fc3fd207acc5e;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NPWfRW5iNN1bcEzJGGlGa8kBWq-t_cOrbImZBUTaFi7QjGhjAj0GZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:58:21 GMT
age: 6343
etag: "7ab34ed8ae4e7048edd25f8b533d5237dea83688"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DjRLNrY4BFc3GwHGBW40LIyh-RYT3hshdKPxXok4KE97fGvatXN6yQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 11:05:53 GMT
age: 45491
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9608b604-2fb0-4009-9b22-93d14b2b82a1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9608b604-2fb0-4009-9b22-93d14b2b82a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deef89b8848bc9e554885d50334d12a2
ccad3b77484eaa6b7753aee1252e330fb3a897fe
b65cc5438a40809026d98b9cbe210b9f56d0b055def5a8b03516ac54a5ff82b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9608b604-2fb0-4009-9b22-93d14b2b82a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10727
x-amzn-requestid: 1a1d87f9-4187-45aa-a329-bfcff8ed2981
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw32FBxoAMFsmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb65-163911f12df777e0414e2076;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:43:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oS9JLMr8w10N9Gr6r_PD-x286hBhdKphPgvcqM5PJNdJBn6-idKgpA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:02:11 GMT
age: 6113
etag: "ccad3b77484eaa6b7753aee1252e330fb3a897fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f6ad6f61d4beaf27397b3534c9bd19f6
4b746717297ca74058bb7e2c2afec945fb3cc33d
285cea3ee46649f8ad0d6bf25c6c8413c129fdbc10c20655616b3b18ff53a81e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 31 Oct 2022 22:18:16 GMT
ETag: "4b746717297ca74058bb7e2c2afec945fb3cc33d"
Last-Modified: Thu, 27 Oct 2022 22:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1846
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760f4c29d91eb50c-OSL
ukt.tsfi4.top/
154.212.113.41200 OK 190 B IP 154.212.113.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 86935521bf681e426c5f21697b238251
f3648cb7d286209dd63b7a3f3e2bcd2d917b337b
23db6595d1feabe154e823b2c052f8e8d12001362dd5604ea36f45508d9c7f9b
GET / HTTP/1.1
Host: ukt.tsfi4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tkc.tsdt2.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 27 Oct 2022 15:05:15 GMT
Accept-Ranges: bytes
ETag: "34a8158515ead81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 23:44:03 GMT
Content-Length: 190
cii.tsdt7.top/
122.10.27.117200 OK 6.2 kB IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 570599636a9ec980786bfcc52f8be3b1
0e9a579a3bbce8d73372753750b700a18aae4d93
5b461e2b85917ba5c448ae69865742585f8ebfea2738f41b1c1fc1f6864bb828
GET / HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ukt.tsfi4.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=quq7bkmokh12gkqqfes1aeqeor; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
cii.tsdt7.top/static/css/home.css
122.10.27.117200 OK 5.8 kB URL HTTP/1.1 cii.tsdt7.top/static/css/home.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 450fb016075d2231047a4d127c2f1e41
bf8f539abbbff7c9d222cc450c94485102aec7b8
ba0f7991b02b9a60fa5635e68553a6c3d4db6229b6c398c72c7a2d191833bd7f
GET /static/css/home.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Aug 2021 06:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249182-5337"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.js?8d57755868d1d7e0c48dd60344b183ea
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8d57755868d1d7e0c48dd60344b183ea
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 22c3ad4387d54c55baf51626a2ca9afb
1a1df5be31706bd004991af764cd47f6fbb8ed7f
262dfeca710ab76f614a0b57043add7bc28f757e433e356584b7b82479e92fea
GET /hm.js?8d57755868d1d7e0c48dd60344b183ea HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.7145.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:04 GMT
Etag: 0e903447e78bf23d27ab81fe6207105d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FD0568A308AC31DA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
cii.tsdt7.top/template/m1938pc/css/style.css
122.10.27.117200 OK 4.2 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/style.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (887)
Hash ec4722f8db320fe78d8c14f9fdc04fcf
510d4f52ed2f1c7b1e4024aff2ba400b8fd3a986
fbb75222bd3bb0bad750759217960850dacf63a03bc148c4bae0c982cfa4b107
GET /template/m1938pc/css/style.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Nov 2021 12:42:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61910451-316c"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/css/style1.css
122.10.27.117200 OK 14 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/style1.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 text
Hash 6ea39fbd3c140f07c0b85d329fe9c09c
704518ac82b5ff1b31891048cdfb56118a8e1761
5473ac3ccd7f3d26b01668b81815d1e5b060fec971902c25ef933c8763acc2e2
GET /template/m1938pc/css/style1.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Jul 2021 02:43:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f243ec-e981"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/css/white.css
122.10.27.117200 OK 2.7 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/white.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, ASCII text, with very long lines (1029)
Hash 4bf86016b51a0923f29b60eebfdb70c6
01e7ccf779aaa148497ca4b8af6a40c51cdef9f1
1f7a20fb223b8a442b6bdb8c821db5cc5b2d99398f81b4d55bb30da51ebb432a
GET /template/m1938pc/css/white.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9aefe-27a6"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/css/swiper.min.css
122.10.27.117200 OK 3.3 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/swiper.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (17459)
Hash e73a49e6a4e9772b6add191cf694bd34
00038fe32a6e97fbbeb281939adfb363cdd5f54f
5a1a24bd85867233f36de37f59b96bfeeb4290619781494713b8216902b30988
GET /template/m1938pc/css/swiper.min.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af06-455f"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/css/mm-content.css
122.10.27.117200 OK 1.6 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/mm-content.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 4d6246aaee98074314419600ac04d334
0e4d3ce5fb1f58e7e50ad59d9f5be139bbf246a8
c263e97580e0dab7f547130c7cd2f7516df52c23b8b15ccd28c951f56b027afb
GET /template/m1938pc/css/mm-content.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af08-24d5"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/css/mp4.css
122.10.27.117200 OK 2.0 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/mp4.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 1e2a92a65ee9e4f64e313caf5f55cac7
1cf740b450511e90f6ecd93521242bd009e72fa0
05c205d18a8195d407372166178aa9c909b3eb74be5fc0032d0d3833fcc6bde8
GET /template/m1938pc/css/mp4.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 04:55:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1ca6-2226"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/js/jquery.lazyload.js
122.10.27.117200 OK 737 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.lazyload.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2223)
Hash eaf0b0026f5fe118b17efd08675e64e7
716de738af0b4ee171aacce51ece7c6b0402dcac
3420e9519c1663b6969106be32c6dec9c3a77558ea88a6f79e02696e0a99ff14
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 16:39:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62014b3e-8b1"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/css/bootstrap.min.css
122.10.27.117200 OK 27 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/css/bootstrap.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (493)
Hash 05a25cdf37679d41a05c52e76e6c2cd2
16aacd64e4475ed3efd6e72370578e950bf76820
b3549f3f4ed086d81f6f6efbf4e909407a778d50fe3ff3ddea927cefc1ca6200
GET /template/m1938pc/css/bootstrap.min.css HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 05:00:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1dd6-2226a"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/js/jquery.autocomplete.js
122.10.27.117200 OK 6.3 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.autocomplete.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /template/m1938pc/js/jquery.autocomplete.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-6215"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/js/jquery.superslide.js
122.10.27.117200 OK 2.9 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.superslide.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 2728d1c0b6f67113e4fd43bfe1c5fd9f
3c02fa0572cee1ff2050f36a6700b9d40a5bcd0a
1094d4cbd8570de92dbe8a1ed928d25e8f5edfc186de9319156c50ee1582cbaf
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-24d8"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=910170481&si=8d57755868d1d7e0c48dd60344b183ea&v=1.2.97&lv=1&sn=31519&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.7145.top%2Fud56%2F%3F4h%3DXqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv%2FDVRAH4jfIwEt3ZPwYv5B5A%3D%3D%26MBZt_F%3DKxlpixEx&tt=%E6%B5%B7%E5%AE%89%E6%9D%89%E7%8E%AB%E5%95%86%E5%8A%A1%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=910170481&si=8d57755868d1d7e0c48dd60344b183ea&v=1.2.97&lv=1&sn=31519&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.7145.top%2Fud56%2F%3F4h%3DXqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv%2FDVRAH4jfIwEt3ZPwYv5B5A%3D%3D%26MBZt_F%3DKxlpixEx&tt=%E6%B5%B7%E5%AE%89%E6%9D%89%E7%8E%AB%E5%95%86%E5%8A%A1%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=910170481&si=8d57755868d1d7e0c48dd60344b183ea&v=1.2.97&lv=1&sn=31519&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.7145.top%2Fud56%2F%3F4h%3DXqzeQhjCtj8dimggEDuoQ5NgfcVdd2S6P0ZYY2LmVbD3k4QlRLgfSA6uzxKgnCSSq2xWGa6lVkv%2FDVRAH4jfIwEt3ZPwYv5B5A%3D%3D%26MBZt_F%3DKxlpixEx&tt=%E6%B5%B7%E5%AE%89%E6%9D%89%E7%8E%AB%E5%95%86%E5%8A%A1%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.7145.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4D3CBA06E0A8EDDA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cii.tsdt7.top/template/m1938pc/js/jquery.config.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/js/jquery.js
122.10.27.117200 OK 37 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /template/m1938pc/js/jquery.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af28-169d5"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/js/jquery.base.js
122.10.27.117200 OK 2.4 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.base.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 770f78f611789c0759e08c48bc766c54
66d1671195b9f432b8b1986f677414b1e4330a25
b215bcf5c56080e433bdfaa98b797b25a111e97e8a7b2498fcfdca2342c8ca61
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-1954"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/static/js/home.js
122.10.27.117200 OK 10 kB URL HTTP/1.1 cii.tsdt7.top/static/js/home.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677)
Hash 94964f375af85be8e991d7e6abd9a40b
d768fa9eafd3435729ff69c95aecdb442cb27952
5a46491195ed6546583712062a62c500342c792958f93477d125a00901ec9af4
GET /static/js/home.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Aug 2021 06:28:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249190-95a5"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/banner_s.js
122.10.27.117200 OK 1.2 kB URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/banner_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 800c1cac2515f9075f1a5548824f9791
90e7384dcb97a1199aba8cfe8705b0750bce24c2
5a1ca57e81ed54e08e398dfd97ebe6f25c35387d800d0228be9043ad0866a147
GET /template/m1938pc/ads/banner_s.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Oct 2022 05:16:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63561fc4-20fa"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/word_s.js
122.10.27.117200 OK 513 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/word_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9264e142dde28df61aaa0321d1244b40
d5cbf05861c1cf3a72fa5f24be480e7c5e4cdb67
a1eae8da6f3e3b4cd03af821f7fd5f546ef823b9c570d69b550049f828883c35
GET /template/m1938pc/ads/word_s.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Oct 2022 04:37:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63522221-d49"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/word_x.js
122.10.27.117200 OK 444 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/word_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e3095a6b82fb9691d86d1cb102278c9a
3445a8bd8419b14009937c991c7478053b4713ae
9950dc8649f3d61000f771cc4517adb74c754d448cafbf19cc6fdccd364018ca
GET /template/m1938pc/ads/word_x.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Oct 2022 04:40:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635222d2-a98"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/banner_z.js
122.10.27.117200 OK 381 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/banner_z.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 99e7fb8d48293c287312ca9a13ad42b2
e3db09312b3cd969c31d9844169eb8446998aa38
8528c2082fea9481070c5035fe8ee95514f202d4c4588165281f3738fb68be00
GET /template/m1938pc/ads/banner_z.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Oct 2022 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635221ea-492"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/1.js
122.10.27.117200 OK 734 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/1.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with very long lines (328), with CRLF line terminators
Hash c5e7b6218a33df0589dcf94f52648677
f37845eceb35a06789988c9ddbd4351c796e619f
c025ab88dd92bd92d1234801293b1985477908fe2ac9a39420d32a45e30b8451
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Oct 2022 04:35:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635221ae-b42"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/2.js
122.10.27.117200 OK 929 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/2.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f91f9fa1982b94f67d9123dab201e048
bf2f3683ce58f74b28a479f2de201157070f450d
c26ccdb20473b8df683c6b9bd8ef9c1196fe2ca97d3dfb4977017ff2d65db425
GET /template/m1938pc/ads/2.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: application/javascript
Content-Length: 929
Last-Modified: Fri, 21 Oct 2022 06:30:39 GMT
Connection: keep-alive
ETag: "63523c8f-3a1"
Expires: Fri, 28 Oct 2022 11:44:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
cii.tsdt7.top/template/m1938pc/ads/3.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/4.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:05 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/5.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/6.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/7.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/8.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/9.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/10.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/dp66.js
122.10.27.117200 OK 602 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/dp66.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 58fe3f8083bce43bdf7dfbe86690237d
0bdd59e70cdc2651c2acdee471968e8b05578da0
347f0481027b9f18708b5049ab5b75d95fa08c0e436273b7862b749850515917
GET /template/m1938pc/ads/dp66.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Oct 2022 04:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63522200-475"
Expires: Fri, 28 Oct 2022 11:44:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
cii.tsdt7.top/template/m1938pc/ads/banner_x.js
122.10.27.117200 OK 972 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/banner_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash c8de10150970aff901db66ad82eb5811
a69252d697e845e76ae83b83da34871d0dcd8c52
e147473b442982ec7e15c6281c060f2b407d52eadf66b107248490b58c506663
GET /template/m1938pc/ads/banner_x.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: application/javascript
Content-Length: 972
Last-Modified: Fri, 21 Oct 2022 04:37:08 GMT
Connection: keep-alive
ETag: "635221f4-3cc"
Expires: Fri, 28 Oct 2022 11:44:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
cii.tsdt7.top/template/m1938pc/js/jquery.config.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/3.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/4.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 1efe5e947497cab2ccbd7d4a5ed82e35
63ad7c210960fb913edf3d840bb20749b8eda916
6a38aaf1d6ecaa0d41cba0f90229e9a76526a0332c7c5a420c73f320272380ea
GET /hm.js?e7191e5689b911df153e7a3714bcb7c3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11328
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:06 GMT
Etag: ba46a57d795997209bf0b2fb3a17cb78
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4697EB97901CFB67; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
cii.tsdt7.top/template/m1938pc/ads/5.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/6.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=2033436734&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31521&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=2033436734&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31521&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=2033436734&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31521&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=80510DE8612E869C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cii.tsdt7.top/template/m1938pc/ads/7.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55d0b7cb5f4764467ad9038db6ac8487
97b6edef3dc0e81543eee375e983a389621977f5
5a4aa49eff82d9a6b4c564175138b6967925575c5255b302c16b9f402cd6ef9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5A4AA49EFF82D9A6B4C564175138B6967925575C5255B302C16B9F402CD6EF9A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Fri, 28 Oct 2022 00:24:58 GMT
Date: Thu, 27 Oct 2022 23:44:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55d0b7cb5f4764467ad9038db6ac8487
97b6edef3dc0e81543eee375e983a389621977f5
5a4aa49eff82d9a6b4c564175138b6967925575c5255b302c16b9f402cd6ef9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5A4AA49EFF82D9A6B4C564175138B6967925575C5255B302C16B9F402CD6EF9A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Fri, 28 Oct 2022 00:24:58 GMT
Date: Thu, 27 Oct 2022 23:44:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55d0b7cb5f4764467ad9038db6ac8487
97b6edef3dc0e81543eee375e983a389621977f5
5a4aa49eff82d9a6b4c564175138b6967925575c5255b302c16b9f402cd6ef9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5A4AA49EFF82D9A6B4C564175138B6967925575C5255B302C16B9F402CD6EF9A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Fri, 28 Oct 2022 00:24:58 GMT
Date: Thu, 27 Oct 2022 23:44:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55d0b7cb5f4764467ad9038db6ac8487
97b6edef3dc0e81543eee375e983a389621977f5
5a4aa49eff82d9a6b4c564175138b6967925575c5255b302c16b9f402cd6ef9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5A4AA49EFF82D9A6B4C564175138B6967925575C5255B302C16B9F402CD6EF9A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Fri, 28 Oct 2022 00:24:58 GMT
Date: Thu, 27 Oct 2022 23:44:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55d0b7cb5f4764467ad9038db6ac8487
97b6edef3dc0e81543eee375e983a389621977f5
5a4aa49eff82d9a6b4c564175138b6967925575c5255b302c16b9f402cd6ef9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5A4AA49EFF82D9A6B4C564175138B6967925575C5255B302C16B9F402CD6EF9A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Fri, 28 Oct 2022 00:24:58 GMT
Date: Thu, 27 Oct 2022 23:44:07 GMT
Connection: keep-alive
cii.tsdt7.top/template/m1938pc/ads/8.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f3b392f5bfe1fd47dcccde90bee97bb2
aa37a70a9e9b7b82c24195c9c74a5a71416828f0
259891e311b81b203105793a9640a09008e88d34a2e7889d6a2789c1bb493ce2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 03:11:48 GMT
Expires: Wed, 02 Nov 2022 03:11:47 GMT
Etag: "aa37a70a9e9b7b82c24195c9c74a5a71416828f0"
Cache-Control: max-age=443859,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c3f48a1b52d-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash a0901bc7a65d99b07fecab9bf4f24186
d4d95fccc7dd31a72760e4f0d84545ab6126b32a
f32e8ff6365f47cbb8a6ea5b17cc5bf6e6f47ecdcc90f8d511c7a9fe802f4985
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 31 Oct 2022 20:31:30 GMT
ETag: "d4d95fccc7dd31a72760e4f0d84545ab6126b32a"
Last-Modified: Thu, 27 Oct 2022 20:31:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1186
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760f4c3fdc2fb512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 04362766e3673c51226c43eb503deb4a
e6435b02d41f217a7055161e22fc4dd3a42f76a4
fddbdb17eb29701378856bdaa4a7d6a743c23c3624cd290cf69171b9e2ea2c99
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 31 Oct 2022 22:04:31 GMT
ETag: "e6435b02d41f217a7055161e22fc4dd3a42f76a4"
Last-Modified: Thu, 27 Oct 2022 22:04:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2046
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760f4c3fdd8cb51e-OSL
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13596217
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Thu, 27 Oct 2022 23:44:07 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e91a44cd325ea459c8dbf5649abc23d9
128624e81ed3be0b8023d17eb06cd97bd204fcdb
42bb64e458f7f10a47e64c0b9720ab059e404b204415e0572c323c73cbc4b403
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 04:29:51 GMT
Expires: Thu, 03 Nov 2022 04:29:50 GMT
Etag: "128624e81ed3be0b8023d17eb06cd97bd204fcdb"
Cache-Control: max-age=534942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c3eeb82b529-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1b34f8e5ac07519c2a9d83f55bad4072
371ff60fc727c947f06844185ad1e6bd18ba3000
72bf1394e7226abde20a970f9be1e576cce824b883da9fabff9f74480ccdec67
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 31 Oct 2022 21:48:19 GMT
ETag: "371ff60fc727c947f06844185ad1e6bd18ba3000"
Last-Modified: Thu, 27 Oct 2022 21:48:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 917
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760f4c401c4cb512-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b491822aeaae824af9f478b6273d553d
50b97981209f25c243a6d9ea98acfe3c60632721
c0bc1986466b74f856d10c7affa50610dffbb95653f8e391273cd4ce78e69eac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 03:00:16 GMT
Expires: Thu, 03 Nov 2022 03:00:15 GMT
Etag: "50b97981209f25c243a6d9ea98acfe3c60632721"
Cache-Control: max-age=529567,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c3eea05b511-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f3b392f5bfe1fd47dcccde90bee97bb2
aa37a70a9e9b7b82c24195c9c74a5a71416828f0
259891e311b81b203105793a9640a09008e88d34a2e7889d6a2789c1bb493ce2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 03:11:48 GMT
Expires: Wed, 02 Nov 2022 03:11:47 GMT
Etag: "aa37a70a9e9b7b82c24195c9c74a5a71416828f0"
Cache-Control: max-age=443859,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c3f4cc7b4f4-OSL
cii.tsdt7.top/template/m1938pc/ads/9.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e937930bff845c68469087032f919180
4993b20727274e1309753d4ef45aba597fe36f9f
38752720a75ea1d9d53369cd06d475111b9df87c6c278a43cca3a839ea50a83f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 02:54:12 GMT
Expires: Wed, 02 Nov 2022 02:54:11 GMT
Etag: "4993b20727274e1309753d4ef45aba597fe36f9f"
Cache-Control: max-age=442803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c410af4b511-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0230526a960d007cd4a7f3b1c092f31e
c35e325a131c41fcae696a7fdbfb850814bade15
50ff99d141cb5ec8e554b46898795fa462530ef3d4fafb1df4bd0b992fa4877d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 12:02:24 GMT
Expires: Thu, 03 Nov 2022 12:02:23 GMT
Etag: "c35e325a131c41fcae696a7fdbfb850814bade15"
Cache-Control: max-age=562095,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c41196fb52d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1d36d9a89a104d3e28e1686e23e98dc7
dd059b3a3076403f560bae52403c401828bc20a0
95a0e74aec6887a70abec9cacf95a257dbd914fe35e300d0f80abadde02b5c50
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 06:21:30 GMT
Expires: Thu, 03 Nov 2022 06:21:29 GMT
Etag: "dd059b3a3076403f560bae52403c401828bc20a0"
Cache-Control: max-age=541641,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c411cf5b529-OSL
cii.tsdt7.top/template/m1938pc/ads/10.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 cii.tsdt7.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5cac1ba2d1c16e14b08de7f02b4f96ab
4eaffe67b411eca9b9019a45e5567f6b2e474177
303b7ad5c3fc2252c9b129a81d299e1f69bd298e68100ac1958864a006f7a628
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 03:45:41 GMT
Expires: Tue, 01 Nov 2022 03:45:40 GMT
Etag: "4eaffe67b411eca9b9019a45e5567f6b2e474177"
Cache-Control: max-age=359491,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760f4c412df3b4f4-OSL
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/1h3ohmhhtd509331h3ohmhhtd50523115.jpg
104.22.13.214200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/09/1h3ohmhhtd509331h3ohmhhtd50523115.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d08292ceb92edcb461073ac46d7d062e
b3cf319637069b5a628daa6b2582e9f502ca434f
0cfc3624012b6ea993f53101f8b84f2ba32b45ad2636919bf292928df803267e
GET /upload/vod/2019/11-08/09/1h3ohmhhtd509331h3ohmhhtd50523115.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/webp
content-length: 9796
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10455
content-disposition: inline; filename="1h3ohmhhtd509331h3ohmhhtd50523115.webp"
etag: "5dc4c5d1-28d7"
last-modified: Fri, 08 Nov 2019 01:33:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 760f4c3eeb1f0b51-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/dke2ciimuqj0932dke2ciimuqj3323099.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/09/dke2ciimuqj0932dke2ciimuqj3323099.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d1c4c9808d49844e28998901cb68ef09
d186facbc46504027a00d256f847480bd70a1ce4
519cfd9903e204f512ea63d010273671e33ac471097e551d30eef10f68f02074
GET /upload/vod/2019/11-08/09/dke2ciimuqj0932dke2ciimuqj3323099.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/jpeg
content-length: 10001
last-modified: Fri, 08 Nov 2019 01:32:33 GMT
etag: "5dc4c5b1-2711"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 760f4c3eeb1e0b51-OSL
X-Firefox-Spdy: h2
cii.tsdt7.top/api.php/timming/index?t=0.8537114241596223
122.10.27.117200 OK 114 B URL HTTP/1.1 cii.tsdt7.top/api.php/timming/index?t=0.8537114241596223
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with no line terminators
Hash 88c2c3b7020632d02d5a4cd2b4744913
1c6310246b7df2189ae850d1e19d27f18e2fdb6a
3e2c07c4a4b5218545cc97bfe5b42934ab9f214fdb8d20ee7e102b1b70cf0153
GET /api.php/timming/index?t=0.8537114241596223 HTTP/1.1
Host: cii.tsdt7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cii.tsdt7.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 23:44:08 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=e61uecp57gur46fmi4mu4a1c3v; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
u0083.com/8cecc1bd2b4d46d38c4b9a99dc37af58.gif
104.208.89.34200 OK 70 kB URL HTTP/1.1 u0083.com/8cecc1bd2b4d46d38c4b9a99dc37af58.gif
IP 104.208.89.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Hash 827ca50cd0e8aa2e60411690f8612e09
0dad56117cc53cbc1311126155d8ae61a282223b
07c1e38c05611d710c70941cac15cb5c470bd04af0fcf1fb289311404c2be75c
GET /8cecc1bd2b4d46d38c4b9a99dc37af58.gif HTTP/1.1
Host: u0083.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 10 Oct 2022 07:54:43 GMT
ETag: W/"6343cfc3-4898c"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0075.com/d924294ef5cc4583b2c5242b95e00091.gif
20.222.141.70200 OK 66 kB URL HTTP/1.1 u0075.com/d924294ef5cc4583b2c5242b95e00091.gif
IP 20.222.141.70:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 300 x 220\012- data
Hash 4534604176d8cbb97a5b81b7a5ed794f
d9c042cf7b5a6baf9a1a9efe5bbe2775a4f757ef
0d5bb9f31b412332ed3ac4faef025dc589fd902d4d7116f1befeee8d768a0c32
GET /d924294ef5cc4583b2c5242b95e00091.gif HTTP/1.1
Host: u0075.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 10 Oct 2022 07:52:26 GMT
ETag: W/"6343cf3a-10124"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 548ce7f6188a12d35a1244cdb74fe2f1
a0ad9bb1683ac6cd500c56b41d43449354e5ad28
6b3cd2d32d8670b53d870b167cb6818d1cd8c59e5187e7f915539f51906688b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B3CD2D32D8670B53D870B167CB6818D1CD8C59E5187E7F915539F51906688B2"
Last-Modified: Wed, 26 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 28 Oct 2022 05:44:08 GMT
Date: Thu, 27 Oct 2022 23:44:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 2aed62f843b639f3b8947f781f6ecdcd
f56e76cbe5a2464b3c5df205a0c97aa8c1415c1f
a9acead94795166e5c7fb96d2bd6abbc1a4e95134c5228dfacc0cb2c815d3b1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3865
Cache-Control: max-age=166519
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: "635af026-2d7"
Expires: Sat, 29 Oct 2022 21:59:27 GMT
Last-Modified: Thu, 27 Oct 2022 20:55:02 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 727
hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 390f51e636bff2fe72ebf3551c8057c7
989c1c8d4dd401788c7e0efc43993a768871339d
a1cd700312f7e4658a08fc660f38fc85f3a9db6c292e70e6ec25af9ef6975902
GET /hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: 6e978560f638d51907920896de069f8f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E8E101861A4A51A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 272d67dcef07274f49d67eb835ac3ae1
cc5c67997eabd5a91b9f2abaee188473389e3c67
4aa990d47a9774a378be0e141aa062d35b27c09a15201bd705a9d4c0473233bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158308
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: "635adf2c-2d7"
Expires: Sat, 29 Oct 2022 19:42:36 GMT
Last-Modified: Thu, 27 Oct 2022 19:42:36 GMT
Server: nginx
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
47.246.44.230200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 10:44:11 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:58:09 GMT
nw-session-id: 202210211458090102080352141D4BD2FDd8djs02dy
nw-session-trace: 2022-10-21T14:58:09.500113241+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:58:09 GMT
x-tt-logid: 202210211458090102080352141D4BD2FD
via: n150-056-037, cache10.l2de2[0,0,206-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], cache2.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01cbee9379081dede4563ed816372eaed9e22e817cb6a172f5515b36a1d0b0b16b0992519978341c8c47dea2460ef9488fea2a1af46ef3a756f47ed19c1f3caa455c050d0adbbab5c58656198a7c70892c0a0b1880236b0a5587be96287d217bf8
x-response-lb: image
ali-swift-global-savetime: 1666349051
age: 565197
x-cache: HIT TCP_MEM_HIT dirn:3:71900281
x-swift-savetime: Fri, 21 Oct 2022 10:50:02 GMT
x-swift-cachetime: 31535649
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16669142485598639e
X-Firefox-Spdy: h2
vcwzfn.com/3900b594a22746ea9e76b6da75e19b66.gif
103.170.15.50200 OK 260 kB URL HTTP/2 vcwzfn.com/3900b594a22746ea9e76b6da75e19b66.gif
IP 103.170.15.50:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 260 kB (260445 bytes)
Hash 88c037ff9c3e3a1796fbb31b53fc4fc6
76d2d296f0949a35256cde6b193f6f8935e75377
8459375e3af2855c687eca278d5ecb413556da31c2c3aeb5a1af90cef85b0659
GET /3900b594a22746ea9e76b6da75e19b66.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6343cf6f-3f95d"
server: nginx
date: Wed, 26 Oct 2022 05:47:18 GMT
content-type: image/gif
last-modified: Mon, 10 Oct 2022 07:53:19 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-40
content-length: 260445
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0eb759929886217c36e6c0d7861f8038
5af77e3adddb852ac7847e0e908e3cb9e8fe32cc
a8199435f58a37099bea096bb26d6118fd8bdb3d456ba2be8b710d7f4ce636d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8199435F58A37099BEA096BB26D6118FD8BDB3D456BA2BE8B710D7F4CE636D1"
Last-Modified: Wed, 26 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5629
Expires: Fri, 28 Oct 2022 01:17:57 GMT
Date: Thu, 27 Oct 2022 23:44:08 GMT
Connection: keep-alive
hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 8622869ae95a1857744edfc07045ccc0
46616331af438a50bd61e95982ca28c0199f8f3b
4d2a19c25922ad857682f00f86c410fc06e46930b44edfac19984d6a00b1cfae
GET /hm.js?adcca6f1017c682dc84c135157a96e7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: 3356b7cfa36e5be4a6d31bc4baedb568
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C0F6A9809C9940B2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vjnhby.com/88abfef9846d48a989ac2ed31cd6d267.gif
45.61.212.162200 OK 376 kB URL HTTP/2 vjnhby.com/88abfef9846d48a989ac2ed31cd6d267.gif
IP 45.61.212.162:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 376 kB (375501 bytes)
Hash 3cc130e8c73445ee88904b1d2945a002
ea12d90d3525af1eef53258ce9681b0093cf717e
29c94fe20be25178fb7896728930c7857d8f7db1e223295be8acf0fd4de68936
GET /88abfef9846d48a989ac2ed31cd6d267.gif HTTP/1.1
Host: vjnhby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6343cf31-5bacd"
server: nginx
date: Sun, 23 Oct 2022 13:15:48 GMT
content-type: image/gif
last-modified: Mon, 10 Oct 2022 07:52:17 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 375501
X-Firefox-Spdy: h2
93533557591.com/00946a445772401895ecee2223297e7c.gif
103.170.15.75200 OK 818 kB URL HTTP/1.1 93533557591.com/00946a445772401895ecee2223297e7c.gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 818 kB (817676 bytes)
Hash 2c0914501592136ef2d10a4111e355ed
d927d360f758036d51f4876f2ab97ac6d8ed5181
688662d5acf1c6584aa70e4a8ae273489b3a3b33e6b38f93571d85e99856d793
Analyzer Verdict Alert quad9 Sinkholed
GET /00946a445772401895ecee2223297e7c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6326eca5-c7a0c"
Date: Fri, 21 Oct 2022 03:04:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 18 Sep 2022 10:02:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 817676
vkhhjp.com/714a6fe82e1d43af851b01b67e268cc3.gif
45.61.212.162200 OK 433 kB URL HTTP/2 vkhhjp.com/714a6fe82e1d43af851b01b67e268cc3.gif
IP 45.61.212.162:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 433 kB (433007 bytes)
Hash 1e5c48857f664b13b9d3e5ffc58cfc4e
a2bf3602c57b8f49d8b3b8c8f4e95e397ea4cd1e
6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721
GET /714a6fe82e1d43af851b01b67e268cc3.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6343d015-69b6f"
server: nginx
date: Thu, 27 Oct 2022 14:53:40 GMT
content-type: image/gif
last-modified: Mon, 10 Oct 2022 07:56:05 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 433007
X-Firefox-Spdy: h2
ocsp.digicert.cn/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f6cb6fd8417bef49658b9d15da9e3a56
bcb60883e6d781bf58fdc005a3444ca898f97883
70e5efcf9a225dc8d0d978e5ca3f8ab69c1d6a167c35bdaf67a78b9de2424db3
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171281
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: "635b11d9-1d7"
Expires: Sat, 29 Oct 2022 23:18:49 GMT
Last-Modified: Thu, 27 Oct 2022 23:18:49 GMT
Server: nginx
Content-Length: 471
vgvjkw.com/b31044e930bd4f1fa8856cde0ffb2a7a.gif
45.61.212.162200 OK 491 kB URL HTTP/2 vgvjkw.com/b31044e930bd4f1fa8856cde0ffb2a7a.gif
IP 45.61.212.162:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 491 kB (490709 bytes)
Hash 12f48e3549c313b9d43138ccb5cfdff7
16e970dd02bd8cf1ab8aa8c674d46f1cd5d65a4d
f2f83642abd46506fda7246affcea4809bce990baa2556effa9127edf1538883
GET /b31044e930bd4f1fa8856cde0ffb2a7a.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6343ceb6-77cd5"
server: nginx
date: Wed, 19 Oct 2022 07:39:29 GMT
content-type: image/gif
last-modified: Mon, 10 Oct 2022 07:50:14 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 490709
X-Firefox-Spdy: h2
dsupt.top/20220718/960_80.gif
198.16.41.164200 OK 52 kB URL HTTP/2 dsupt.top/20220718/960_80.gif
IP 198.16.41.164:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash ff56d3d0bb9eef4833d17a07fecadb08
7d85f47df4d86bc3b09155287b237b9c731da097
feb778d732571a0d5f520577a91c1065bff9cea062a9dc34962abc5619cb5d86
GET /20220718/960_80.gif HTTP/1.1
Host: dsupt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/gif
content-length: 52137
last-modified: Mon, 18 Jul 2022 13:00:19 GMT
etag: "62d55963-cba9"
expires: Sat, 26 Nov 2022 10:59:21 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/17/eb0dp3rlta01747eb0dp3rlta0402287.jpg
104.22.13.214200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/17/eb0dp3rlta01747eb0dp3rlta0402287.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 219be8237074cc2d26e2fd0b231ca4c4
444b2daa3d99469168b5ac65a84975af65cb7db3
e2a2823a16869c4a18cda48c2d2626943eb7a3077f268f9f2f8936080ffb2253
GET /upload/vod/2020/01-05/17/eb0dp3rlta01747eb0dp3rlta0402287.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/jpeg
content-length: 8778
last-modified: Sun, 05 Jan 2020 09:47:40 GMT
etag: "5e11b0bc-224a"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 760f4c423e020b51-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/17/lc3z5gx0jkl1747lc3z5gx0jkl022267.jpg
104.22.13.214200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/17/lc3z5gx0jkl1747lc3z5gx0jkl022267.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 979c37f4bc4568166e27ad9ec98c5dd0
8600b5a27f49ed2ba884113be1315ef4d3dff1c4
55a894b58e7b34569f1e606536570422f28cbb8f363be3452cdf7898b7a58efd
GET /upload/vod/2020/01-05/17/lc3z5gx0jkl1747lc3z5gx0jkl022267.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/jpeg
content-length: 6431
last-modified: Sun, 05 Jan 2020 09:47:02 GMT
etag: "5e11b096-191f"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 760f4c422dff0b51-OSL
X-Firefox-Spdy: h2
u0075.com/e01c881c51854d79adf73b70f9c149e5.gif
20.222.141.70200 OK 284 kB URL HTTP/1.1 u0075.com/e01c881c51854d79adf73b70f9c149e5.gif
IP 20.222.141.70:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 284 kB (284432 bytes)
Hash 78fd9227eb769c9adef74b6e004c8685
e003b5f1782ab5f200b3feb38710ea3b0b1d658a
2455a99c476d1ad1c0fd66784f8029f75bcd7b05feb23dbb2a936ec2c22ef4bb
GET /e01c881c51854d79adf73b70f9c149e5.gif HTTP/1.1
Host: u0075.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 10 Oct 2022 07:53:53 GMT
ETag: W/"6343cf91-45c59"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1850526001&si=a42a9f9e7ce3dc4e0fe7d731ff179318&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31522&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1850526001&si=a42a9f9e7ce3dc4e0fe7d731ff179318&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31522&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1850526001&si=a42a9f9e7ce3dc4e0fe7d731ff179318&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31522&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FA0A4B8C34EE6D9E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=845642085&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31522&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=845642085&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31522&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=845642085&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31522&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=589CBC5510B29B3F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
p5.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/d30397527b3845bd8558477731dd019d~noop.image
218.60.98.100200 OK 103 kB URL HTTP/2 p5.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/d30397527b3845bd8558477731dd019d~noop.image
IP 218.60.98.100:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 103 kB (103173 bytes)
Hash 6857bf5106087caf69a49c1ed738c573
0a1fe550e9134da6568b23d54079700ea0cb927d
7e67d29e4af77086b0ef5a1559f7f4046440e315f403e1620b3c38cdb9bdff54
GET /img/tos-cn-i-siecs4i2o7/d30397527b3845bd8558477731dd019d~noop.image HTTP/1.1
Host: p5.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Byte-nginx
content-type: image/gif
content-length: 103173
access-control-allow-origin: *
age: 23658679
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 25 Jan 2022 02:34:59 GMT
nw-session-id: 20220125103459010209087131042EB65Avg7r202tt
nw-session-trace: 2022-01-25T10:34:59.804517957+08:00 62
server-timing: inner; dur=3
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-length: 103173
x-powered-by: ImageX
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-response-date: Tue, 25 Jan 2022 10:34:59 GMT
x-response-lb: image
x-tt-logid: 20220125103459010209087131042EB65A
x-tt-trace-host: 014fca8a137ae27738317af937d7437438e9bf3968051eb62568ee72a856755f8cd792687b0708374553221b38ef524dfecc92ff56d999444380fc6e4888a3184d9e90824a02f70a18a6ebb0af46375fccb3fb22f6163b158826f63e3ce2ce4f554b7c92d863369c7d62f9be2b7d2da69120033c6a8a1fd472c50e5976b7c9bebe
x-tt-trace-tag: id=5
date: Thu, 27 Oct 2022 23:44:08 GMT
via: cache07.dlcu
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 57df552861e576b8ceface21d7d16329
c8db0b0987deeb0ab394b40235205ec14077cc1b
3a68eb3d6ecd80980e5b3cf514060a8a54cb095aa6fb493e6f986f5de7369fde
GET /hm.js?118d8c4b51d138a967fb082395b27809 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: 2340ccca13e88181f7fc06d903cd911d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A2A5E9955554828A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080a.gif
47.110.23.69200 OK 483 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080a.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 483 kB (483153 bytes)
Hash 1f1c801eafd280a44b98e3faa56a2ca2
c301ac6582b1dbada946ad345e035137e3c00dcc
39359235e394f01f0725531388b7c0f0d41258b42f4728755218379b332a2d03
GET /xpj/xpj96080a.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 27 Oct 2022 23:44:07 GMT
Content-Type: image/gif
Content-Length: 483153
Connection: keep-alive
x-oss-request-id: 635B17C7DF72713237A33242
Accept-Ranges: bytes
ETag: "1F1C801EAFD280A44B98E3FAA56A2CA2"
Last-Modified: Sun, 23 Oct 2022 15:00:14 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15918541575181101655
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: HxyAHq/SgKRLmOP6pWosog==
x-oss-server-time: 3
hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 22b6c6a9e87bbe158b4b202fdb03f332
be7e3925365335a7a13b1e3893e482b1a8ae4945
1c34a5fe74cd8587c40872b61845918c1e5bacf32f6f6bd7da25f10371d8e55a
GET /hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: 7484d9a17d6ec37af002b47185859c3c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C71D9515EA217E4B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 23:42:03 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sat, 26 Nov 2022 23:42:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash b1b5b1e71d7f58ff928813464a0c4d92
7a45d943892fb3cbb190a2fe6eff30543861208d
894faa1f578bdf51ac99293522b6468a8222a3e4c9d24ba77174168171da0c32
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: 22fe66892ccba81cf2d09f78bfac3469
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B23F1D11CA32C6D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
si1.go2yd.com/get-image/0yFUidjGHhQ
58.254.180.65200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 58.254.180.65:0
ASN #136958 China Unicom Guangdong IP network
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/gif
content-length: 121040
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
etag: "72f445e66343e28d92a588cd7858f2dc"
age: 249
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f1diit80n55obs6l8lib7npjlksdrdtn
content-md5: cvRF5mND4o2SpYjNeFjy3A==
timing-allow-origin: *
ohc-cache-hit: gz3un59 [2], xauncache59 [2], suzix59 [4]
ohc-file-size: 121040
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash c2098f7af0b1b81678ba49d5b34c289f
28f0105ab7f82487d37ff5e4b002979584013f13
b68d9f86715a913dd672e14e11bf85b1e4c940c1f69c7fa95139ddcbb18f09f0
GET /hm.js?5f6f6952a111398e4db76c6944ccaba1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:08 GMT
Etag: ac3274f8a7790662b669cd4ac3d30391
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=867F8D1E0C3CD16D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?f1b45bcc6c5ed83c42fb187be8b6ee7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f1b45bcc6c5ed83c42fb187be8b6ee7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 0d62e72a2a0cc36d5297f152ff798209
6cb5b1a57457b80a6024f5ec54b87828197c9a91
eaaacff874cb9ceafb9cf93fbedc3dc80d1c4acc09e335c8fe46911e51acd416
GET /hm.js?f1b45bcc6c5ed83c42fb187be8b6ee7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11335
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:09 GMT
Etag: 189669c75e5002243584a3736c011a1c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F460EBFAE87D6C9D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=381428639&si=118d8c4b51d138a967fb082395b27809&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=381428639&si=118d8c4b51d138a967fb082395b27809&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=381428639&si=118d8c4b51d138a967fb082395b27809&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=82B5E1158015572E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 2afb692fad062dd682eddc104613051b
b2a7c430e8f0e566342ac6d8ec8c9f7d72fc8dae
78f55d7a77731421490448d7fa834196b64e7f2845315160cf7a46fa43077913
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1684
Cache-Control: max-age=116812
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:09 GMT
Etag: "635a3681-1d7"
Expires: Sat, 29 Oct 2022 08:11:01 GMT
Last-Modified: Thu, 27 Oct 2022 07:42:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.167.197200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.167.197:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 27 Oct 2022 23:44:08 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 635B17C8FF7A84363030C1D7
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
hm.baidu.com/hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash b9718a6f9d6a415dd37a966ed8ee441e
c59570fff0dc381e1762a01fb1b845c6608de46a
5f57b0102a3c7c66cf512c78eb8d1032f88739ceed78047adc5138707cd61fa0
GET /hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11335
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:09 GMT
Etag: 68a87846d072f3e4575d3ec0226e1aa5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=89A0C2BF535F2C01; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?3245eddf7b031a037c644e0f859ed26d
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3245eddf7b031a037c644e0f859ed26d
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash e6466a7ac54ca34fd86a4215e1aa062e
954cdfb4c30b8dddab61689507d9594cb73be9a4
177ddf5aa584a51d8cf7b810edcc45948a2599e63ea335761b9d0687bd4e5208
GET /hm.js?3245eddf7b031a037c644e0f859ed26d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:09 GMT
Etag: 668e0ab3977e484b30c52e78afb2659d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=118261982F97194A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 27 Oct 2022 23:44:09 GMT
content-type: image/gif
content-length: 158841
expires: Fri, 07 Oct 2022 14:31:54 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 1067116
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/95e83044cdf96ff929c2262729f49b38.gif
185.10.104.115200 OK 34 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/95e83044cdf96ff929c2262729f49b38.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 48\012- data
Hash 95e83044cdf96ff929c2262729f49b38
08b0ec9c809ff166cc338941b0dd9a256bf6236c
243c7b83e1a97b8beaff0b51aa3c1a60f76b9b7ba70b84dc34d3cf546b61f759
GET /bjh/95e83044cdf96ff929c2262729f49b38.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 27 Oct 2022 23:44:09 GMT
content-type: image/gif
content-length: 33954
expires: Sun, 02 Oct 2022 16:42:12 GMT
last-modified: Thu, 04 Aug 2022 04:37:27 GMT
etag: "95e83044cdf96ff929c2262729f49b38"
age: 1543544
accept-ranges: bytes
content-md5: legwRM35b/kpwiYnKfSbOA==
x-bce-content-crc32: 2764241748
x-bce-debug-id: dF69SI6stZ/JJqSrs4RbFDWodCrmQCbG0KajBDlrWbVewekl14FU3Gxonf4dULOtsQ+MpwrWUnyVytcF24qprA==
x-bce-request-id: 7a2e2164-bf45-4956-b0f6-c37e7bc6066b
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [2], csix82 [2]
ohc-file-size: 33954
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=269888915&si=81e2eb0ac88243d0b2761c1bc0fcee7f&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=269888915&si=81e2eb0ac88243d0b2761c1bc0fcee7f&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=269888915&si=81e2eb0ac88243d0b2761c1bc0fcee7f&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9CC80ACF4F6BAA16; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=594342561&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=594342561&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=594342561&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2563CC6E5C9ED0F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1721732028&si=5f6f6952a111398e4db76c6944ccaba1&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1721732028&si=5f6f6952a111398e4db76c6944ccaba1&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1721732028&si=5f6f6952a111398e4db76c6944ccaba1&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CEDA66EDA60A5BAE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
sz88.oss-cn-shenzhen.aliyuncs.com/02.gif
120.77.166.72200 OK 672 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/02.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 100\012- data
Size 672 kB (672530 bytes)
Hash 6f6a6e13329668405fef1523540dee76
066acc7fc837eb673108ea5ff7aba0ff0efd8282
08fa32ed67b0ddc30e4dd772b797c649962fa6c04840bc75d48965217f3cdc49
GET /02.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 27 Oct 2022 23:44:08 GMT
Content-Type: image/gif
Content-Length: 672530
Connection: keep-alive
x-oss-request-id: 635B17C8FFFE3D38377512E3
Accept-Ranges: bytes
ETag: "6F6A6E13329668405FEF1523540DEE76"
Last-Modified: Sun, 15 May 2022 13:34:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12368396201495379341
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: b2puEzKWaEBf7xUjVA3udg==
x-oss-server-time: 3
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=778088862&si=f1b45bcc6c5ed83c42fb187be8b6ee7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=778088862&si=f1b45bcc6c5ed83c42fb187be8b6ee7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=778088862&si=f1b45bcc6c5ed83c42fb187be8b6ee7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=18F8978D22C69BFF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9f93ad95116d517b8ad396c7d7d23260
d541ee0e1ca3cedd27f64ab6b83885c69cfcfee5
e2cdfd6e05ac4fbde7fcf13f4e38f90091a8f2f843ef08b3e4dda14426b4bb46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130962
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 23:44:09 GMT
Etag: "635a745b-2d7"
Expires: Sat, 29 Oct 2022 12:06:53 GMT
Last-Modified: Thu, 27 Oct 2022 12:06:51 GMT
Server: nginx
Content-Length: 727
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=389845373&si=bd1c4e4e3b958139dfa1d89e8e7306ed&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=389845373&si=bd1c4e4e3b958139dfa1d89e8e7306ed&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=389845373&si=bd1c4e4e3b958139dfa1d89e8e7306ed&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A8B428AA74235CDF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1336219679&si=3245eddf7b031a037c644e0f859ed26d&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1336219679&si=3245eddf7b031a037c644e0f859ed26d&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1336219679&si=3245eddf7b031a037c644e0f859ed26d&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31523&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=41B4928463C03CF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
43.154.254.32200 OK 456 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 350\012- data
Size 456 kB (456390 bytes)
Hash 24f8d711ff99c1b9e8eda597e520496d
0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/gif
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 224 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: 7d2e2daf-b11e-4fc3-96c3-f030a8217928
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?7594b934d9a76568e9987e886fc92cc2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7594b934d9a76568e9987e886fc92cc2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 9747049173504e0f09d278b79434062f
d57db532239b5a8481097fe4dc76d29ef0675d36
a6aeba188d3d3435c0ef7c6bc9cf226d4bfd687089384b8f8d44668cbfd27b14
GET /hm.js?7594b934d9a76568e9987e886fc92cc2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 23:44:09 GMT
Etag: 9286e13e8c2c4152a5ad3071caf728ee
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=336CAD4E80D11900; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ac3d6ec0fdb54dbcad3779cb9c1d5a2a~noop.image
182.118.39.169200 OK 40 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ac3d6ec0fdb54dbcad3779cb9c1d5a2a~noop.image
IP 182.118.39.169:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 750 x 46\012- data
Hash de7ac5fafd71547e77999f4895e1ff83
eae4c114fdaa02bcd5082bb37c4dd5cebab807e6
d0b3d4d456a00c78e446d652b53f73b4d42b45ee253962ef54b1782d55259dc5
GET /img/tos-cn-i-siecs4i2o7/ac3d6ec0fdb54dbcad3779cb9c1d5a2a~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 23:44:10 GMT
content-type: image/gif
content-length: 39796
server: openresty
age: 2100710
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 06 Apr 2022 13:27:27 GMT
nw-session-id: 2022040621272601020908716307E57619pmrr702tt
nw-session-trace: 2022-04-06T21:27:27.105544474+08:00 227
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 39796
x-powered-by: ImageX
x-response-date: Wed, 06 Apr 2022 21:27:27 GMT
x-response-lb: image
x-tt-logid: 2022040621272601020908716307E57619
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=2
via: CHN-HAzhengzhou-AREACUCC1-CACHE11[2],CHN-HAzhengzhou-AREACUCC1-CACHE33[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE120[8],CHN-TJ-GLOBAL1-CACHE33[0,TCP_HIT,8]
x-hcs-proxy-type: 1
x-tt-trace-host: 01c596a485e3f8155e7980deb4a63d583da9ff9cbb3862e323cd7e227ae271a2cc0e8110a705517ae2c99992d8663e4d43bbb128901a4e9d7480c87677c8f7432d758699a9aff57e5fe763aa61084cf22cc379943e70b9e0c6ba618293ffea95ed1978f7535f6fb18000e7e11ab79e8fc282c3074a3b005a34d7ed3746808a7f0dbf64270f3f01eb0472ee0bd1b7ac9cc7
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=253849498&si=7594b934d9a76568e9987e886fc92cc2&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31524&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=253849498&si=7594b934d9a76568e9987e886fc92cc2&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31524&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=253849498&si=7594b934d9a76568e9987e886fc92cc2&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=31524&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fcii.tsdt7.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 27 Oct 2022 23:44:10 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=31F497E3081DE14C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png
43.154.254.32200 OK 1.5 MB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.5 MB (1495356 bytes)
Hash af737e86fc083a958d9f25203333f0be
cb0ee5d9a71efdf61b622bd4175998bdeecca900
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/gif
content-length: 1495356
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:11 GMT
cache-control: max-age=2592000
x-delay: 752 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1495356
chid: 0
fid: 0
x-nws-log-uuid: 7c2ddccb-bc3d-498b-ab3b-1d947e3e766c
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png
43.154.254.32200 OK 894 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 27 Oct 2022 23:44:08 GMT
content-type: image/gif
content-length: 893726
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:38 GMT
cache-control: max-age=2592000
x-delay: 472 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 893726
chid: 0
fid: 0
x-nws-log-uuid: d439e9cb-161e-4c25-a4e2-fcec695c5ecf
X-Firefox-Spdy: h2
img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
IP 3.36.126.81:0
GET /images/635242fd5fe50f0585d3ef8f.gif HTTP/1.1
Host: img.u1555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
cache-control: max-age=3600
X-Firefox-Spdy: h2
hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
113.105.172.48200 OK 0 B URL HTTP/2 hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
IP 113.105.172.48:0
GET /static/tongji/plugins/UrlChangeTracker.js HTTP/1.1
Host: hmcdn.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cii.tsdt7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 27 Oct 2022 23:44:09 GMT
content-type: application/x-javascript
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
etag: "5f8eb0f7-4b3c"
content-encoding: br
age: 122185
accept-ranges: bytes
tracecode: 28646116690586387210083121
vary: Accept-Encoding
ohc-global-saved-time: Wed, 05 Oct 2022 13:47:44 GMT
timing-allow-origin: *
ohc-cache-hit: dg3ct59 [2], fzctcache59 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2