r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7104
Expires: Fri, 25 Nov 2022 07:52:35 GMT
Date: Fri, 25 Nov 2022 05:54:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2665
Cache-Control: max-age=105685
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:54:11 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:15:36 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 05:54:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KPOrUYNjSznP5XH5Tqw0wcPkLKAz2xF5Mv+qbzqAbviO5jOt7Oo07cDtSdSZYnIgTwNgEqiwyKo=
x-amz-request-id: 7SQ3NMH7RG8MDYBB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 05:40:41 GMT
age: 810
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 05:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2207
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:54:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wyqsfj.com/
45.192.73.170301 Moved Permanently 0 B IP 45.192.73.170:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: wyqsfj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 05:54:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.wyqsfj.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 2718
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4435
Cache-Control: max-age=102392
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:54:12 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:20:44 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IdICd4g8IxoHS1j/JduiUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HJs44VVoFgdvFnZIvUqlMxsv3i8=
www.wyqsfj.com/index.php
45.192.73.170200 OK 552 B IP 45.192.73.170:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (681), with CRLF line terminators
Hash abab218cd77aa5cec63aaf6c6f4f692f
9407d59848d6a46533a46beeaf76cef1bcc42898
9ada47863a2d88aff0b024ec844be87bdca6173ac659be36d86bbb60b931fd06
GET /index.php HTTP/1.1
Host: www.wyqsfj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.wyqsfj.com/common.js
45.192.73.170200 OK 563 B IP 45.192.73.170:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 853a83781762fd1ed2011396522b0608
e07d6581f8ea1211a37cb1fde11adce7c79342d4
23be316830eb9a0d1f09b88a7c8565fb09ba53cf8332c33d67501ef73784b26c
GET /common.js HTTP/1.1
Host: www.wyqsfj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wyqsfj.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/x-javascript
Content-Length: 563
Connection: keep-alive
www.wyqsfj.com/tj.js
45.192.73.170200 OK 258 B IP 45.192.73.170:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 50f99e75d656793a1df8c60d7fc58053
beb5d685e0a65b91b871ec233f7b15274ef85074
2e0a50f7d290a85aced062988bdaa739a3f121a185d57111c26146d26c013c9c
GET /tj.js HTTP/1.1
Host: www.wyqsfj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wyqsfj.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.wyqsfj.com/favicon.ico
45.192.73.170200 OK 1.2 kB URL HTTP/1.1 www.wyqsfj.com/favicon.ico
IP 45.192.73.170:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.wyqsfj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wyqsfj.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 30 Nov 2022 05:54:12 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
rdg.tsdt3.top/
122.10.111.13200 OK 191 B IP 122.10.111.13:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 5bf60b461148897a2ec42e38f54d9600
79310df933ad7066446386cd2b469c1ee2e8bc22
f03056f464bc84a6094f5b4eb1f6e3a679243561161d29dc32a3ba2959fef0ed
GET / HTTP/1.1
Host: rdg.tsdt3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wyqsfj.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:31:01 GMT
Accept-Ranges: bytes
ETag: "718a2d23cccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Length: 191
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12799
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12799
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12799
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12799
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 2985
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12799
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6b9b5ebc32235ed8f3e15df013963f0
46ee95ebee3d60f64d2b7f568673b13ea27a42a3
4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11586
x-amzn-requestid: 30d340e5-328d-4f00-8cd4-3cb6e2b50265
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JtyEIHoAMFdnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2324-09bb4d434ff852b456537e15;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TYDelnop2OJO_fQdmSzyZJLYx94FU1GxYpDjWCTp3moRS7qzibvTSA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:56:21 GMT
age: 79072
etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f65dfa986cf95e8fb459778b945c59
29edd439b6e7894bc4771fc655a50d926f349a08
c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsokHSgoAMF_RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ervQ6cnvMZQnKghtBl269cRlf2ypuwuI1VBAzsKov8sbpCQUfei4Gg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:09:15 GMT
age: 6298
etag: "29edd439b6e7894bc4771fc655a50d926f349a08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e97ba6c4c94a299553238e643a3acc7
9be5a5497a8566ea66e81765ef8566e6b716ab5b
bda1bb57f0198e711c3018417513237b9533cfe2e5856ada5383f7461090f40a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: 49acad5a-bb12-4da8-a303-ea2b76b53822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cF8HPEIdoAMF3tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f0d61-674576450ade0e1e4bd601fd;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 06:21:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rAHhaTW3Gn6HW5DWXuUMyR68h5DAgKK5qDBiAbhk4VVu4rbSebZEmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:24:38 GMT
age: 66575
etag: "9be5a5497a8566ea66e81765ef8566e6b716ab5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 5473
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2580ebded0a32ceecc3083ae1db2b37
2ec124224738807229328a3ade6ca493ccf4b287
010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10679
x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4J3VEM5IAMFtcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AqpyU32i39pVq4O_-tSo8Bup9eNgoPGBq_lKyeXYUsN1BapLq-xGGg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 06:12:03 GMT
age: 85330
etag: "2ec124224738807229328a3ade6ca493ccf4b287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6b2970327bfc720f395334f73a94c7b5
2469539bf0a272f38a654a5ec3e14f9e28ec350e
215ecad4022c49933e97450cb21268e44a52164402de4a74f16c5f2267054ae6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:28:45 GMT
ETag: "2469539bf0a272f38a654a5ec3e14f9e28ec350e"
Last-Modified: Fri, 25 Nov 2022 02:28:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2014
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820e4ecfe0afe-OSL
ukt.tsfi4.top/
154.212.113.41200 OK 191 B IP 154.212.113.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 7c428a14a70bc0dbcd6953533335a35f
f1cf1577970ddb99d9f2003e4905a4c76e6946af
a31427116fa89255fa9661abb2b27fd3cb200533dc661ae38cea186bc369a7ab
GET / HTTP/1.1
Host: ukt.tsfi4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rdg.tsdt3.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 04:39:17 GMT
Accept-Ranges: bytes
ETag: "a6e7cde0870d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:13 GMT
Content-Length: 191
hm.baidu.com/hm.js?fd2550db2d28d2cfae0c3f4a6eb12b88
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fd2550db2d28d2cfae0c3f4a6eb12b88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash ad2bc807f5f7f54e75d5a83e20d69588
49573c915176170a3a03d3a6f9e54627c4c03e5a
f1baa791a47dfb61a1ac13b3a9a2c9b7edcbfbeecd50ee90386d33d6006fc976
GET /hm.js?fd2550db2d28d2cfae0c3f4a6eb12b88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wyqsfj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11264
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:14 GMT
Etag: e412d84242094ced1825f22710b0aa7e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D003072ABB4E35A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hkk.tsms3.top/
122.10.27.117200 OK 6.1 kB IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash fc7d438f01d2d948906c17b51ff76e9f
c36a41f52fe135b6f207663c08d6de9cdbb967b6
af262abfccfda3cd5eb03a1b0240972868b882a68c220ffab1f2df3dbbe74fdf
GET / HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ukt.tsfi4.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ep16otbbljitkfjgi2bp06irtd; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1804216291&si=fd2550db2d28d2cfae0c3f4a6eb12b88&v=1.3.0&lv=1&sn=48135&r=0&ww=1280&u=http%3A%2F%2Fwww.wyqsfj.com%2Findex.php&tt=%E6%98%8C%E9%83%BD%E6%8A%A0%E7%85%9E%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1804216291&si=fd2550db2d28d2cfae0c3f4a6eb12b88&v=1.3.0&lv=1&sn=48135&r=0&ww=1280&u=http%3A%2F%2Fwww.wyqsfj.com%2Findex.php&tt=%E6%98%8C%E9%83%BD%E6%8A%A0%E7%85%9E%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1804216291&si=fd2550db2d28d2cfae0c3f4a6eb12b88&v=1.3.0&lv=1&sn=48135&r=0&ww=1280&u=http%3A%2F%2Fwww.wyqsfj.com%2Findex.php&tt=%E6%98%8C%E9%83%BD%E6%8A%A0%E7%85%9E%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wyqsfj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6DC77F1EE6B58671; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hkk.tsms3.top/template/m1938pc/css/style.css
122.10.27.117200 OK 4.2 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/style.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (887)
Hash ec4722f8db320fe78d8c14f9fdc04fcf
510d4f52ed2f1c7b1e4024aff2ba400b8fd3a986
fbb75222bd3bb0bad750759217960850dacf63a03bc148c4bae0c982cfa4b107
GET /template/m1938pc/css/style.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Nov 2021 12:42:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61910451-316c"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/static/css/home.css
122.10.27.117200 OK 5.8 kB URL HTTP/1.1 hkk.tsms3.top/static/css/home.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 450fb016075d2231047a4d127c2f1e41
bf8f539abbbff7c9d222cc450c94485102aec7b8
ba0f7991b02b9a60fa5635e68553a6c3d4db6229b6c398c72c7a2d191833bd7f
GET /static/css/home.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Aug 2021 06:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249182-5337"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/css/style1.css
122.10.27.117200 OK 14 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/style1.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 text
Hash 6ea39fbd3c140f07c0b85d329fe9c09c
704518ac82b5ff1b31891048cdfb56118a8e1761
5473ac3ccd7f3d26b01668b81815d1e5b060fec971902c25ef933c8763acc2e2
GET /template/m1938pc/css/style1.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Jul 2021 02:43:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f243ec-e981"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/css/white.css
122.10.27.117200 OK 2.7 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/white.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, ASCII text, with very long lines (1029)
Hash 4bf86016b51a0923f29b60eebfdb70c6
01e7ccf779aaa148497ca4b8af6a40c51cdef9f1
1f7a20fb223b8a442b6bdb8c821db5cc5b2d99398f81b4d55bb30da51ebb432a
GET /template/m1938pc/css/white.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9aefe-27a6"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/css/swiper.min.css
122.10.27.117200 OK 3.3 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/swiper.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (17459)
Hash e73a49e6a4e9772b6add191cf694bd34
00038fe32a6e97fbbeb281939adfb363cdd5f54f
5a1a24bd85867233f36de37f59b96bfeeb4290619781494713b8216902b30988
GET /template/m1938pc/css/swiper.min.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af06-455f"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/css/mm-content.css
122.10.27.117200 OK 1.6 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/mm-content.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 4d6246aaee98074314419600ac04d334
0e4d3ce5fb1f58e7e50ad59d9f5be139bbf246a8
c263e97580e0dab7f547130c7cd2f7516df52c23b8b15ccd28c951f56b027afb
GET /template/m1938pc/css/mm-content.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af08-24d5"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/css/mp4.css
122.10.27.117200 OK 2.0 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/mp4.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 1e2a92a65ee9e4f64e313caf5f55cac7
1cf740b450511e90f6ecd93521242bd009e72fa0
05c205d18a8195d407372166178aa9c909b3eb74be5fc0032d0d3833fcc6bde8
GET /template/m1938pc/css/mp4.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 04:55:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1ca6-2226"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/css/bootstrap.min.css
122.10.27.117200 OK 27 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/css/bootstrap.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (493)
Hash 05a25cdf37679d41a05c52e76e6c2cd2
16aacd64e4475ed3efd6e72370578e950bf76820
b3549f3f4ed086d81f6f6efbf4e909407a778d50fe3ff3ddea927cefc1ca6200
GET /template/m1938pc/css/bootstrap.min.css HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 05:00:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1dd6-2226a"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/js/jquery.superslide.js
122.10.27.117200 OK 2.9 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.superslide.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 2728d1c0b6f67113e4fd43bfe1c5fd9f
3c02fa0572cee1ff2050f36a6700b9d40a5bcd0a
1094d4cbd8570de92dbe8a1ed928d25e8f5edfc186de9319156c50ee1582cbaf
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-24d8"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/js/jquery.autocomplete.js
122.10.27.117200 OK 6.3 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.autocomplete.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /template/m1938pc/js/jquery.autocomplete.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-6215"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/js/jquery.lazyload.js
122.10.27.117200 OK 737 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.lazyload.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2223)
Hash eaf0b0026f5fe118b17efd08675e64e7
716de738af0b4ee171aacce51ece7c6b0402dcac
3420e9519c1663b6969106be32c6dec9c3a77558ea88a6f79e02696e0a99ff14
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 16:39:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62014b3e-8b1"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/js/jquery.config.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/js/jquery.js
122.10.27.117200 OK 37 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /template/m1938pc/js/jquery.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af28-169d5"
Expires: Fri, 25 Nov 2022 17:54:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/js/jquery.base.js
122.10.27.117200 OK 2.4 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.base.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 770f78f611789c0759e08c48bc766c54
66d1671195b9f432b8b1986f677414b1e4330a25
b215bcf5c56080e433bdfaa98b797b25a111e97e8a7b2498fcfdca2342c8ca61
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-1954"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/ads/banner_s.js
122.10.27.117200 OK 1.2 kB URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/banner_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 65fa4d98fc2d9c2fa737663d2648e361
594044bf1b938ab6a267e694176aad7d8f67c020
455082cdd0b529bd221b333bc2847ddab0fed279d5e13fb3fcf43552b5fb1d02
GET /template/m1938pc/ads/banner_s.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Wed, 23 Nov 2022 15:15:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637e3914-1ff3"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/static/js/home.js
122.10.27.117200 OK 10 kB URL HTTP/1.1 hkk.tsms3.top/static/js/home.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677)
Hash 94964f375af85be8e991d7e6abd9a40b
d768fa9eafd3435729ff69c95aecdb442cb27952
5a46491195ed6546583712062a62c500342c792958f93477d125a00901ec9af4
GET /static/js/home.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Aug 2021 06:28:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249190-95a5"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/ads/word_s.js
122.10.27.117200 OK 512 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/word_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 934d4e86b541c09067d9c6095673f850
ec3ea6f192887082d06b43fe4743426996e87d61
bc69ea798f10fb70e86efd6bdf3d3df33d395f902f3a543d8a46ace7a0259c2f
GET /template/m1938pc/ads/word_s.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:37:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376552f-d49"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/ads/word_x.js
122.10.27.117200 OK 444 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/word_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d66f4d55718880a8d05e996c6b3ae068
a6dcaf7106e6b097dcdb1ba1f8d4508025773cf8
efcefe681cd6cd9ce35fbd3a94a7627972a4a2ba2efa50b22b774c408b8c8d89
GET /template/m1938pc/ads/word_x.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:37:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376553f-a98"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/ads/banner_z.js
122.10.27.117200 OK 602 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/banner_z.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 26e1e6fa38ce20c7c4b55584ee90b448
11253f6f46dbce197bb6c00a21bd072c6b17f704
4aa0012a3106471b5bb23bc7f65e2ce3b9f2fb9915b7d810df5daf294c3a6dc4
GET /template/m1938pc/ads/banner_z.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Content-Length: 602
Last-Modified: Thu, 17 Nov 2022 15:36:36 GMT
Connection: keep-alive
ETag: "63765504-25a"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
hkk.tsms3.top/template/m1938pc/ads/1.js
122.10.27.117200 OK 697 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/1.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0a0e38bc4bb4b846c1cf9f4e1799ff36
f21a633b712a2a21c357b711f6169ba212d76ac0
05e28dd7f66e091a68a7767d20c8141902599d036ec90616f9609b7c4db565bc
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Fri, 18 Nov 2022 08:29:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6377427a-b16"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/ads/3.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/2.js
122.10.27.117200 OK 929 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/2.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e25aca94c780cc610cbd9b7741dfde86
9d3ed2ee55a7fbb8f5c404bbe75e6aced8a38d4c
802bacec193e06dbd0358bf44016c34bc1cd5ebcf112cf7df7a72272a9c27c06
GET /template/m1938pc/ads/2.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Content-Length: 929
Last-Modified: Fri, 04 Nov 2022 12:29:17 GMT
Connection: keep-alive
ETag: "6365059d-3a1"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
hkk.tsms3.top/template/m1938pc/ads/5.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/4.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/js/jquery.config.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11154808
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Fri, 25 Nov 2022 05:54:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6569837
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 05:54:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hkk.tsms3.top/template/m1938pc/ads/6.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/7.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/8.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/9.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
96.6.16.143200 OK 917 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 917 kB (917226 bytes)
Hash 28998a87f539b948e98fdc9c82fc6a69
c0085b4e65a2679d63c10ccf8bcffd7b6014b211
1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a
GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7635841
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 05:54:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
96.6.16.143200 OK 457 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (457345 bytes)
Hash c715f378075493153db049a8d2e70e1c
8c86edc72c9fa616aa484a42b84cff16c35f06b9
7ea2d9498a4d7b0467811099cc382871149c383a4d2639f222b0b928494c91dd
GET /images/0Z0462215cypa2gv406F9.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 457345
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6569764
expires: Thu, 09 Feb 2023 06:50:20 GMT
date: Fri, 25 Nov 2022 05:54:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hkk.tsms3.top/template/m1938pc/ads/10.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/dp66.js
122.10.27.117200 OK 590 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/dp66.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 538403db8818be50e49bb1c06d336c01
1f62588eff9ef8296f20fa4313c88b13df0be46e
5d550089195b982f184f2c10c65adb836fe361030e53674fad103e3118af46cb
GET /template/m1938pc/ads/dp66.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:36:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376550c-467"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hkk.tsms3.top/template/m1938pc/ads/3.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/banner_x.js
122.10.27.117200 OK 922 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/banner_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 3deb687d6f898da93a9d44b235db116d
b974640da61f0b2249c9528cb68bfd0da0d3f048
c3ef600e134a3d197c8996ae5804837b1ac3c2c771b8885c11a1244e4ac4fe34
GET /template/m1938pc/ads/banner_x.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:16 GMT
Content-Type: application/javascript
Content-Length: 922
Last-Modified: Fri, 18 Nov 2022 08:35:15 GMT
Connection: keep-alive
ETag: "637743c3-39a"
Expires: Fri, 25 Nov 2022 17:54:16 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
hkk.tsms3.top/template/m1938pc/ads/4.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:17 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash b34cdae9c8a21ee511a9a126ea9eefca
1fb183f891409945c93f8b590cdea7cf785f98be
8da221599b6c53ced8b07476e36483ff00dd7a99634e8ae708c1275c8a49d522
GET /hm.js?e7191e5689b911df153e7a3714bcb7c3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:16 GMT
Etag: a4a3f7c3e03591ac98d12dae05dc07f1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4C9BA08214DB99D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hkk.tsms3.top/template/m1938pc/ads/5.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:17 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1889939243&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48137&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1889939243&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48137&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1889939243&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48137&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6F98C5B784AF0280; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a8ccf5b571c6c3ad33c7a00dc73cee15
d5099be07a28dc4ace29ed48f4a542900e25f153
4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=422121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820fc8c97b505-OSL
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11059
Expires: Fri, 25 Nov 2022 08:58:36 GMT
Date: Fri, 25 Nov 2022 05:54:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11059
Expires: Fri, 25 Nov 2022 08:58:36 GMT
Date: Fri, 25 Nov 2022 05:54:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11059
Expires: Fri, 25 Nov 2022 08:58:36 GMT
Date: Fri, 25 Nov 2022 05:54:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11059
Expires: Fri, 25 Nov 2022 08:58:36 GMT
Date: Fri, 25 Nov 2022 05:54:17 GMT
Connection: keep-alive
hkk.tsms3.top/template/m1938pc/ads/6.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:17 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/b04qswchmjb0327b04qswchmjb535155.jpg
104.22.13.214200 OK 9.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/b04qswchmjb0327b04qswchmjb535155.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cc8d8ce03f4e08a31412dac8bf9a1a4c
7589f9ef05c123570488a5dfbd6038a9032ab741
498a627d86337fe2a656b30188966184072ea8170bacf249aaa190212755d05b
GET /upload/vod/2019/11-08/03/b04qswchmjb0327b04qswchmjb535155.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 9292
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10166
content-disposition: inline; filename="b04qswchmjb0327b04qswchmjb535155.webp"
etag: "5dc47039-27b6"
last-modified: Thu, 07 Nov 2019 19:27:53 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08c00afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/x3kvzgvkusr0329x3kvzgvkusr145297.jpg
104.22.13.214200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/x3kvzgvkusr0329x3kvzgvkusr145297.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 56a37552a65df2514dbaaccf0cf42471
21b2f9dee480ae4827c2ab185c7c10bf2e88decc
6c1193b09e596bc8b16ecf346b69fcb584f128c7152cbec2a97305896ec02a4b
GET /upload/vod/2019/11-08/03/x3kvzgvkusr0329x3kvzgvkusr145297.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 8444
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9589
content-disposition: inline; filename="x3kvzgvkusr0329x3kvzgvkusr145297.webp"
etag: "5dc4708b-2575"
last-modified: Thu, 07 Nov 2019 19:29:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08c70afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/jrkmbtug1n30326jrkmbtug1n3174985.jpg
104.22.13.214200 OK 3.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/jrkmbtug1n30326jrkmbtug1n3174985.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05bac2fd882343187a09a2892e92ecb0
ecc312669e245cf2e59087a4cf21463c741598d0
c5f7422f416277542d112799a15a47169446a4c7f65df2154b7543175ca31df1
GET /upload/vod/2019/11-08/03/jrkmbtug1n30326jrkmbtug1n3174985.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 3826
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6085
content-disposition: inline; filename="jrkmbtug1n30326jrkmbtug1n3174985.webp"
etag: "5dc46fd9-17c5"
last-modified: Thu, 07 Nov 2019 19:26:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08bf0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/3w50cth3owp03283w50cth3owp105181.jpg
104.22.13.214200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/3w50cth3owp03283w50cth3owp105181.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bdbac68a1fcc6b241b3d6b1a03fba2d
ad6d99bb5026b32b5fb0886f6fafe42416dfcbd0
85599cc1329973adcdd1d0dabeb0f040b36c44b020e8f377fa7775301aa4f390
GET /upload/vod/2019/11-08/03/3w50cth3owp03283w50cth3owp105181.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 6694
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7687
content-disposition: inline; filename="3w50cth3owp03283w50cth3owp105181.webp"
etag: "5dc4704a-1e07"
last-modified: Thu, 07 Nov 2019 19:28:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08c10afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/hcxrrfgrxwq0328hcxrrfgrxwq265209.jpg
104.22.13.214200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/hcxrrfgrxwq0328hcxrrfgrxwq265209.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash affee19aa3df5f6ac12035fef5c0d68b
913e65815093f9c636cbf1b2de0609957aaf0322
29e033f839cc20abf967a053c256d1e5b1232e0cd4b58913edeb615dd88a5068
GET /upload/vod/2019/11-08/03/hcxrrfgrxwq0328hcxrrfgrxwq265209.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 8192
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9571
content-disposition: inline; filename="hcxrrfgrxwq0328hcxrrfgrxwq265209.webp"
etag: "5dc4705a-2563"
last-modified: Thu, 07 Nov 2019 19:28:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08c20afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/uj352uqdofx0329uj352uqdofx315325.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/uj352uqdofx0329uj352uqdofx315325.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ffa9d69606d89dd08c9bc6c9c163568
40691f9f1fdee8db7a761aed1249c7a726011afb
c476ee435b63be6e43252ed293df67f9610993554cd18abb7c26b4c2e758f5d7
GET /upload/vod/2019/11-08/03/uj352uqdofx0329uj352uqdofx315325.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 11564
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12594
content-disposition: inline; filename="uj352uqdofx0329uj352uqdofx315325.webp"
etag: "5dc4709b-3132"
last-modified: Thu, 07 Nov 2019 19:29:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd38db0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/2xu2ooyefx503212xu2ooyefx5434496.jpg
104.22.13.214200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/2xu2ooyefx503212xu2ooyefx5434496.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash beabba2f0ac12582e38688a702bf6cc9
50cacddc3334543bb559086a507ba161802f2baf
b58aaac3dddf4d5e82f00d107521a5d2cedc4ee049467ee7c27b8b8e575a217e
GET /upload/vod/2019/11-08/03/2xu2ooyefx503212xu2ooyefx5434496.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 5940
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8408
content-disposition: inline; filename="2xu2ooyefx503212xu2ooyefx5434496.webp"
etag: "5dc46ec7-20d8"
last-modified: Thu, 07 Nov 2019 19:21:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd38dc0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/tryht0l05su0326tryht0l05su335015.jpg
104.22.13.214200 OK 5.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/tryht0l05su0326tryht0l05su335015.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 93c1e9667e40c6225a29e2c29f7e9368
363083b92d2ab4682d7b65c4dc9b9a1122c536d9
9c15634b3fcc13310d489d32cff275f62655be2e41a0c017392f76d4b21bdcda
GET /upload/vod/2019/11-08/03/tryht0l05su0326tryht0l05su335015.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:17 GMT
content-type: image/webp
content-length: 4968
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7400
content-disposition: inline; filename="tryht0l05su0326tryht0l05su335015.webp"
etag: "5dc46fe9-1ce8"
last-modified: Thu, 07 Nov 2019 19:26:33 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd28d80afa-OSL
X-Firefox-Spdy: h2
hkk.tsms3.top/template/m1938pc/ads/7.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:17 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2477
Cache-Control: max-age=146522
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:54:18 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:36:20 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 727
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/ezi3p4ywbje0328ezi3p4ywbje415237.jpg
104.22.13.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/ezi3p4ywbje0328ezi3p4ywbje415237.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7eb0f5154cd57f63fa54d392e9267ddb
531d743edf3e4317cb008f3dc08d2d1705f8f84e
d22aa798d4de0f14c481e0c69b30f94575660596d2a86d4efeb7813fd47f2163
GET /upload/vod/2019/11-08/03/ezi3p4ywbje0328ezi3p4ywbje415237.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 8652
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11328
content-disposition: inline; filename="ezi3p4ywbje0328ezi3p4ywbje415237.webp"
etag: "5dc4706a-2c40"
last-modified: Thu, 07 Nov 2019 19:28:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08c40afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/s0yi01xd2xc0328s0yi01xd2xc585267.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/s0yi01xd2xc0328s0yi01xd2xc585267.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 894b66bdd3c094dc7d00d1e8f25938b7
a6f234b46a13d8bea98796fb35dc0477a361b251
aaeaf342b5ea8870eee17a89ec2dca4656a00545d0e75157ef140c32644042ac
GET /upload/vod/2019/11-08/03/s0yi01xd2xc0328s0yi01xd2xc585267.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 11640
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12813
content-disposition: inline; filename="s0yi01xd2xc0328s0yi01xd2xc585267.webp"
etag: "5dc4707a-320d"
last-modified: Thu, 07 Nov 2019 19:28:58 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd08c50afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/yl4cd4ctp3w0327yl4cd4ctp3w215105.jpg
104.22.13.214200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/yl4cd4ctp3w0327yl4cd4ctp3w215105.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eeac6fce752c6ae6a7abebe76fc04488
61a2e065f327db37f390b62e98819fec6af64fea
9184b1d72035fdaec82afbd634b60e97208bd738dd7a14efb94b8c96a23c2cd7
GET /upload/vod/2019/11-08/03/yl4cd4ctp3w0327yl4cd4ctp3w215105.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 8762
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10972
content-disposition: inline; filename="yl4cd4ctp3w0327yl4cd4ctp3w215105.webp"
etag: "5dc47019-2adc"
last-modified: Thu, 07 Nov 2019 19:27:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd28d70afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/jiwdmm1o2wy0327jiwdmm1o2wy055075.jpg
104.22.13.214200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/jiwdmm1o2wy0327jiwdmm1o2wy055075.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02c796df6bcf813c911b08b1473209b0
851ca3fa170ab4c03d3bcf28ca9e2d7ceade67d6
c9f96faeedced171a87e9f853b246a94411f02b51eb874a90e2b238d90da24db
GET /upload/vod/2019/11-08/03/jiwdmm1o2wy0327jiwdmm1o2wy055075.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 6066
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7315
content-disposition: inline; filename="jiwdmm1o2wy0327jiwdmm1o2wy055075.webp"
etag: "5dc47009-1c93"
last-modified: Thu, 07 Nov 2019 19:27:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd28d30afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/mfy1zdanmya0321mfy1zdanmya594526.jpg
104.22.13.214200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/mfy1zdanmya0321mfy1zdanmya594526.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae38dad251b95e9e17af5189b3500979
4644587285303b063a55d29db254c5dcd1ceea1c
decf4b29b283094284eec3e92af894071f06a2a3e0ea849890484f691e463c0a
GET /upload/vod/2019/11-08/03/mfy1zdanmya0321mfy1zdanmya594526.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 9794
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10611
content-disposition: inline; filename="mfy1zdanmya0321mfy1zdanmya594526.webp"
etag: "5dc46ed7-2973"
last-modified: Thu, 07 Nov 2019 19:21:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd38dd0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/mtm3l5hlx2r0326mtm3l5hlx2r485045.jpg
104.22.13.214200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/mtm3l5hlx2r0326mtm3l5hlx2r485045.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c15388583de3e724d2c07bc9810181a
85949b48b478d35c32bbbf97e9e85fb6e221a7b6
8f4f2f712ed69106dd44222c75093a8f072d469226996eeff2859ee79b05ed51
GET /upload/vod/2019/11-08/03/mtm3l5hlx2r0326mtm3l5hlx2r485045.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 6384
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8257
content-disposition: inline; filename="mtm3l5hlx2r0326mtm3l5hlx2r485045.webp"
etag: "5dc46ff8-2041"
last-modified: Thu, 07 Nov 2019 19:26:48 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd28d50afa-OSL
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
47.246.44.225200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 10:44:11 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:58:09 GMT
nw-session-id: 202210211458090102080352141D4BD2FDd8djs02dy
nw-session-trace: 2022-10-21T14:58:09.500113241+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:58:09 GMT
x-tt-logid: 202210211458090102080352141D4BD2FD
via: n150-056-037, cache10.l2de2[0,0,206-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], cache2.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01cbee9379081dede4563ed816372eaed9e22e817cb6a172f5515b36a1d0b0b16b0992519978341c8c47dea2460ef9488fea2a1af46ef3a756f47ed19c1f3caa455c050d0adbbab5c58656198a7c70892c0a0b1880236b0a5587be96287d217bf8
x-response-lb: image
ali-swift-global-savetime: 1666349051
age: 3006607
x-cache: HIT TCP_MEM_HIT dirn:3:84784281
x-swift-savetime: Fri, 21 Oct 2022 10:50:02 GMT
x-swift-cachetime: 31535649
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516693556580748056e
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/ojpogq3x01s0322ojpogq3x01s154556.jpg
104.22.13.214200 OK 3.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/ojpogq3x01s0322ojpogq3x01s154556.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e71539fedf298d3c10c9a49bbd9da73f
9927f2a2d2f9d610a810a6a986d573ee260a7c67
9028ea7fbb35dc064716ac8c53ed25eff76cce84d79b512cf5f1f62f71918a59
GET /upload/vod/2019/11-08/03/ojpogq3x01s0322ojpogq3x01s154556.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 3812
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7137
content-disposition: inline; filename="ojpogq3x01s0322ojpogq3x01s154556.webp"
etag: "5dc46ee7-1be1"
last-modified: Thu, 07 Nov 2019 19:22:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd38de0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/03o443vkrdj032203o443vkrdj314586.jpg
104.22.13.214200 OK 2.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/03o443vkrdj032203o443vkrdj314586.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b0f31f6046161d9f1b58fd5239fd9bb2
8dea932441fd99bb55f30f03730bd6114a450873
958a8168b95570e458878e455529d36808860be4549a84b8ab2641e2ce2d9af5
GET /upload/vod/2019/11-08/03/03o443vkrdj032203o443vkrdj314586.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 2902
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5768
content-disposition: inline; filename="03o443vkrdj032203o443vkrdj314586.webp"
etag: "5dc46ef7-1688"
last-modified: Thu, 07 Nov 2019 19:22:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd38e20afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/yi0sb2pw5s50322yi0sb2pw5s5474614.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/yi0sb2pw5s50322yi0sb2pw5s5474614.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25c2abbf3802142bdbd7f5b86d9e5000
47c05e4936b2132f1f08b89bb32875aee6f2c628
763ce8cfddfe45e2ad7eeb55ffcf67a348a37a531b1c97a1fffcf55246da831e
GET /upload/vod/2019/11-08/03/yi0sb2pw5s50322yi0sb2pw5s5474614.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 9982
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10758
content-disposition: inline; filename="yi0sb2pw5s50322yi0sb2pw5s5474614.webp"
etag: "5dc46f08-2a06"
last-modified: Thu, 07 Nov 2019 19:22:48 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd38e30afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/z14wknxqsqt0327z14wknxqsqt375133.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/z14wknxqsqt0327z14wknxqsqt375133.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b063bc32fe672504c019bfb885d189ca
4e1686e69745c8765442fff8664d58bcf20de096
548bccd1f3c055c2dae679a449ad4fd680104e4b6cba4cdfcc0471b968b7ae2d
GET /upload/vod/2019/11-08/03/z14wknxqsqt0327z14wknxqsqt375133.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 11838
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12528
content-disposition: inline; filename="z14wknxqsqt0327z14wknxqsqt375133.webp"
etag: "5dc47029-30f0"
last-modified: Thu, 07 Nov 2019 19:27:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820fd28d90afa-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b02886bffe192ee5259a2c3a1e1b5ba7
00fa6e56af4f69a831affc97cc6a83ca8afed8af
d612a6e3dfc5804e274d999dbb5dd1eaea58b0a4820b3b1ab90be7fe8a792b80
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 00:53:48 GMT
Expires: Tue, 29 Nov 2022 00:53:47 GMT
Etag: "00fa6e56af4f69a831affc97cc6a83ca8afed8af"
Cache-Control: max-age=326968,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820ff4ed00af6-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 75e57e4a6cf40312bc50060099e11b36
976ea6be9fccf8fd82d0e903063e7fc78a5ced25
8fd7d7afb623d51086a47097d76a77aef8844c1bd8a04d7b0b9d47767ba4e151
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:19 GMT
Expires: Thu, 01 Dec 2022 16:52:18 GMT
Etag: "976ea6be9fccf8fd82d0e903063e7fc78a5ced25"
Cache-Control: max-age=557279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820ff89d00b39-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1b0f31ddd7c6bb23a36c87f7498dc039
578307d677cf2ee6777bef48c738bc5657cdd4f9
081e23f7b569bd930660eb9ce954f1c531157711776b680334a697ac1ab27811
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 17:12:59 GMT
Expires: Wed, 30 Nov 2022 17:12:58 GMT
Etag: "578307d677cf2ee6777bef48c738bc5657cdd4f9"
Cache-Control: max-age=472119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820ff9ef20af6-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4d9f43ef6e189ca37593c860eb760a9a
5b06c3b5a1d2d81875005cab363b2fe268cb4d0a
b0fa83b4ffec9285300ebc9f3c5d3e3141e34602f2525f4ad3ff67081b349add
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 13:54:27 GMT
Expires: Thu, 01 Dec 2022 13:54:26 GMT
Etag: "5b06c3b5a1d2d81875005cab363b2fe268cb4d0a"
Cache-Control: max-age=546607,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820fece65b505-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7dc11af064c4b25f8761632290d5d3e4
bd923d7bd852cfcfee6df3483e70f8e8325f7ff5
af66411ccaf5f86e5e09fdb91496521c7eebc788ff031b8736326de63cdb84ab
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:48:06 GMT
ETag: "bd923d7bd852cfcfee6df3483e70f8e8325f7ff5"
Last-Modified: Fri, 25 Nov 2022 02:48:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2710
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f821002a9b0b31-OSL
hkk.tsms3.top/template/m1938pc/ads/8.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ded49783fdcdc054fa5165dac98c634d
7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632
6996870c2af49b4b59cbf0fe6d9f95efbc4fa3d0cae1ec2961aeae20c4db4e68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:18:44 GMT
Expires: Mon, 28 Nov 2022 23:18:43 GMT
Etag: "7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632"
Cache-Control: max-age=321264,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820ff885cb50b-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e7285db3174f8b3d4d5747636b5eae0c
17ae564902df60f149eaac1d872a01d379d16df8
d5e5923824d223aec17b11c844e75ff967774bf0aef196cd54b6d428fb5df36a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 04:08:52 GMT
ETag: "17ae564902df60f149eaac1d872a01d379d16df8"
Last-Modified: Fri, 25 Nov 2022 04:08:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820ff09cdb4e8-OSL
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/o0wq1p0prex2001o0wq1p0prex504889.jpg
104.22.13.214200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/o0wq1p0prex2001o0wq1p0prex504889.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5863b4538d22335a3d97ec542df5e48
1e7683440ba917fb8d3baa657c7cd0ba7088e68d
e6515a91577f0266a1fe894f4a140096dbc95e06c66dd71e45f9d91db87dd121
GET /upload/vod/2020/01-05/20/o0wq1p0prex2001o0wq1p0prex504889.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 8588
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11173
content-disposition: inline; filename="o0wq1p0prex2001o0wq1p0prex504889.webp"
etag: "5e11d02e-2ba5"
last-modified: Sun, 05 Jan 2020 12:01:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821007a5e0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/qxywohblzvb2001qxywohblzvb344885.jpg
104.22.13.214200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/qxywohblzvb2001qxywohblzvb344885.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72f4d321ed215a1eeb72db80178edbe4
9d0001131201da522063209f8e0c83601c3127d5
9c0b31b9a96d415feda2f0addd48dde2fe98901b1061604eb98ac57aa888b0a3
GET /upload/vod/2020/01-05/20/qxywohblzvb2001qxywohblzvb344885.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 6350
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7553
content-disposition: inline; filename="qxywohblzvb2001qxywohblzvb344885.webp"
etag: "5e11d01e-1d81"
last-modified: Sun, 05 Jan 2020 12:01:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821007a5c0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/sdipm0phnxj2001sdipm0phnxj184881.jpg
104.22.13.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/sdipm0phnxj2001sdipm0phnxj184881.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7dc6ce50cdb764e983dff87bd5d3b331
0081f5e657cd1e6efff6b54468a3f3a0c91abf9e
9d0e7c132c3f67d3f17b3c95a6d1fcd574ecb193289e9c192fa9e977693aa329
GET /upload/vod/2020/01-05/20/sdipm0phnxj2001sdipm0phnxj184881.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 8044
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8737
content-disposition: inline; filename="sdipm0phnxj2001sdipm0phnxj184881.webp"
etag: "5e11d00e-2221"
last-modified: Sun, 05 Jan 2020 12:01:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821007a5b0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/a0c3scvmzun2002a0c3scvmzun064893.jpg
104.22.13.214200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/a0c3scvmzun2002a0c3scvmzun064893.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abee0629386e2590ce822bdb282abe95
6f2b3f26ebe3a95ac7de9922513649e3168b72dd
71eeb64116eee142a911f4ae0b44f635fa204cde56e76716aecf09f8ee2ed208
GET /upload/vod/2020/01-05/20/a0c3scvmzun2002a0c3scvmzun064893.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 6628
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7681
content-disposition: inline; filename="a0c3scvmzun2002a0c3scvmzun064893.webp"
etag: "5e11d03e-1e01"
last-modified: Sun, 05 Jan 2020 12:02:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821007a5f0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/1a1n0wski2l03231a1n0wski2l044644.jpg
104.22.13.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/1a1n0wski2l03231a1n0wski2l044644.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 61881bd614c9358172c7493612ad10df
2a2743b69c0da39489b1b8107756f6173ad37ee8
623f159b7fc9a2bcb2c2fdf764b920a219ce6ef9d304718e47a0cdba5dd1b5c0
GET /upload/vod/2019/11-08/03/1a1n0wski2l03231a1n0wski2l044644.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 8004
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9214
content-disposition: inline; filename="1a1n0wski2l03231a1n0wski2l044644.webp"
etag: "5dc46f18-23fe"
last-modified: Thu, 07 Nov 2019 19:23:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821007a5a0afa-OSL
X-Firefox-Spdy: h2
hkk.tsms3.top/template/m1938pc/ads/9.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e7285db3174f8b3d4d5747636b5eae0c
17ae564902df60f149eaac1d872a01d379d16df8
d5e5923824d223aec17b11c844e75ff967774bf0aef196cd54b6d428fb5df36a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 04:08:52 GMT
ETag: "17ae564902df60f149eaac1d872a01d379d16df8"
Last-Modified: Fri, 25 Nov 2022 04:08:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f82100db7cb529-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8792e8e3072f3321982b32b53ddc29dc
a71934bba96a469462919336060167835de569cb
974542e2a163a43a0efadf98496d541c7ebce965d9cee815881bd4e2ae45bde7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "974542E2A163A43A0EFADF98496D541C7EBCE965D9CEE815881BD4E2AE45BDE7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13282
Expires: Fri, 25 Nov 2022 09:35:40 GMT
Date: Fri, 25 Nov 2022 05:54:18 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e7285db3174f8b3d4d5747636b5eae0c
17ae564902df60f149eaac1d872a01d379d16df8
d5e5923824d223aec17b11c844e75ff967774bf0aef196cd54b6d428fb5df36a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 04:08:52 GMT
ETag: "17ae564902df60f149eaac1d872a01d379d16df8"
Last-Modified: Fri, 25 Nov 2022 04:08:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820ffec71b509-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e7285db3174f8b3d4d5747636b5eae0c
17ae564902df60f149eaac1d872a01d379d16df8
d5e5923824d223aec17b11c844e75ff967774bf0aef196cd54b6d428fb5df36a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 04:08:52 GMT
ETag: "17ae564902df60f149eaac1d872a01d379d16df8"
Last-Modified: Fri, 25 Nov 2022 04:08:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f821003aa20b31-OSL
223969ufy.com/2fd1ff8304ce4683ad375e9c692230a2.gif
45.61.212.226200 OK 636 kB URL HTTP/1.1 223969ufy.com/2fd1ff8304ce4683ad375e9c692230a2.gif
IP 45.61.212.226:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 636 kB (635680 bytes)
Hash 1cb325d5859a93c29e41953b1089d4ef
ba867d7f6fd51ccf98e3e62b3786b109198ed236
903053e8dc64064819c2c30f1672015877d8cf7f5f2e7ca70ba8060ddda4b8fb
Analyzer Verdict Alert quad9 Sinkholed
GET /2fd1ff8304ce4683ad375e9c692230a2.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637727c3-9b320"
Date: Fri, 18 Nov 2022 12:20:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 18 Nov 2022 06:35:47 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-26
Content-Length: 635680
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/se2jjpylmjk2002se2jjpylmjk224897.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/se2jjpylmjk2002se2jjpylmjk224897.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 464ae8a70354355dfc3ba09518ad45a4
eb0af19b1427da4c744010b30035efe00bdf20c1
43be025f6066f722b849e0eea333bce211c6e7f3997e0f1d6c55010e96acaa59
GET /upload/vod/2020/01-05/20/se2jjpylmjk2002se2jjpylmjk224897.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/webp
content-length: 10352
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11267
content-disposition: inline; filename="se2jjpylmjk2002se2jjpylmjk224897.webp"
etag: "5e11d04e-2c03"
last-modified: Sun, 05 Jan 2020 12:02:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821007a610afa-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8d2d4c2519e173d156b0629de506e00c
b21c4758aa7cda5014cd3386e5bceb4123053a9e
25238d4415525d3410163e30d1b1e07336dee26372340f07a2689bc2fac22e73
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:39:05 GMT
Expires: Wed, 30 Nov 2022 15:39:04 GMT
Etag: "b21c4758aa7cda5014cd3386e5bceb4123053a9e"
Cache-Control: max-age=466485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f821008f7c0af6-OSL
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.29200 OK 1.1 MB URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.29:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1086086 bytes)
Hash fe1357abf524bc560d11e4af8beddaf9
175486b7fa4830246014f760a759f4aacf460b7c
fac07ee4c01eab6eeb7c10dbaca74fbfde9a4dbfc0fa88325cf32ecdc405603a
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Tue, 24 Jan 2023 05:54:17 GMT
last-modified: Fri, 06 Jan 2023 02:12:34 GMT
x-nws-log-uuid: db372747-39b9-4e61-a4e1-4fe429320186
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-cache-lookup: Hit From Disktank3
x-nws-uuid-verify: 58da04f337dabc9dfdb9b7c95c7c9808
m-traceid: 9vdrgg3fvl9uw4gwn4ip
age: 710810
timing-allow-origin: *
X-Firefox-Spdy: h2
hkk.tsms3.top/template/m1938pc/ads/10.js
122.10.27.117404 Not Found 146 B URL HTTP/1.1 hkk.tsms3.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
45.61.212.171200 OK 322 kB URL HTTP/2 u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
IP 45.61.212.171:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 322 kB (322130 bytes)
Hash 6e9a6af4964e174da5597e2be162e59c
a75f9890ad7e1334f11b4dbe0da134266d78e329
b43e284062fe514e5108a9c8601616ea2771a2d64a3b32644ae7adea063599d3
GET /214791aa005b4c46b6a9f04058cfb808.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364e2f0-4ea52"
server: nginx
date: Sun, 20 Nov 2022 20:33:37 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 10:01:20 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-11
content-length: 322130
X-Firefox-Spdy: h2
u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
103.170.15.66200 OK 297 kB URL HTTP/2 u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
IP 103.170.15.66:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 297 kB (297356 bytes)
Hash e63728bfd7747ecc0a25bfdb2b851365
9e5716e96d0685245024cb501a8897e87717ce6e
3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6
GET /6ba61e82d9854d649a1c65d94346189b.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff89-4898c"
server: nginx
date: Fri, 25 Nov 2022 03:24:00 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:03:21 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-56
content-length: 297356
X-Firefox-Spdy: h2
u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
103.170.15.66200 OK 269 kB URL HTTP/2 u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
IP 103.170.15.66:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 269 kB (268903 bytes)
Hash d60a666b8a2b332244f82df2f7c985b7
ef8e353e1202ec391da338e5dbdea6796e579de3
f06bf9345b4c684ab9b191073da5134b2b76cd0c5196427aa69c509e675e4bd6
GET /4b3c4c0b91ab44a293f636576b61f61d.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6378c9eb-41a67"
server: nginx
date: Fri, 25 Nov 2022 00:56:54 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 12:19:55 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-56
content-length: 268903
X-Firefox-Spdy: h2
u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
45.61.212.171200 OK 66 kB URL HTTP/2 u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
IP 45.61.212.171:0
File type GIF image data, version 89a, 300 x 220\012- data
Hash 45c27704a7e5bf04a6ee9ca43a4a5710
30c46b532a8fad2580b72262df8233f9f3d92eac
784d9eae2229b2cb0aaf6ec5c3db20652d4046d2db82611b9ae293b61de4affb
GET /8e5c0e404b9b4ccfbf1a21cc4b180b59.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff68-10124"
server: nginx
date: Fri, 04 Nov 2022 12:38:20 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:48 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-11
content-length: 65828
X-Firefox-Spdy: h2
u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
103.170.15.51200 OK 376 kB URL HTTP/2 u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
IP 103.170.15.51:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 376 kB (375501 bytes)
Hash 3cc130e8c73445ee88904b1d2945a002
ea12d90d3525af1eef53258ce9681b0093cf717e
29c94fe20be25178fb7896728930c7857d8f7db1e223295be8acf0fd4de68936
GET /c0ea67357fab443e9f882a89c29f0f29.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff5a-5bacd"
server: nginx
date: Wed, 23 Nov 2022 13:17:29 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:34 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-41
content-length: 375501
X-Firefox-Spdy: h2
hkk.tsms3.top/api.php/timming/index?t=0.6151674107880001
122.10.27.117200 OK 114 B URL HTTP/1.1 hkk.tsms3.top/api.php/timming/index?t=0.6151674107880001
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with no line terminators
Hash 88c2c3b7020632d02d5a4cd2b4744913
1c6310246b7df2189ae850d1e19d27f18e2fdb6a
3e2c07c4a4b5218545cc97bfe5b42934ab9f214fdb8d20ee7e102b1b70cf0153
GET /api.php/timming/index?t=0.6151674107880001 HTTP/1.1
Host: hkk.tsms3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hkk.tsms3.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:19 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=vq4vqomamb1nb24jkkq6iuh7dp; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/530ohu1edr52002530ohu1edr5384901.jpg
104.22.13.214200 OK 9.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/530ohu1edr52002530ohu1edr5384901.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ab5fbe0e2f4fe8135cdb428af69a17c0
c874b180ca424e28e377659a169d7027ab95edc2
e8bcd446aa0a2fd425d24fd12308861a9cfb689e54a36f3a52e51d83d9abd9a7
GET /upload/vod/2020/01-05/20/530ohu1edr52002530ohu1edr5384901.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: image/webp
content-length: 8964
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10080
content-disposition: inline; filename="530ohu1edr52002530ohu1edr5384901.webp"
etag: "5e11d05e-2760"
last-modified: Sun, 05 Jan 2020 12:02:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f82103fbed0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/4zzq0pvbnng20034zzq0pvbnng104909.jpg
104.22.13.214200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/4zzq0pvbnng20034zzq0pvbnng104909.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4e4460b126ba5a9af0ca4ca207a6f2df
1e6db60eea055f6c23018a66d1a62f9749ea8772
fe8cbe1bcddd857ab52d59380181c3122746fcf8d95285ed80c5715db71736c4
GET /upload/vod/2020/01-05/20/4zzq0pvbnng20034zzq0pvbnng104909.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: image/webp
content-length: 4528
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6563
content-disposition: inline; filename="4zzq0pvbnng20034zzq0pvbnng104909.webp"
etag: "5e11d07e-19a3"
last-modified: Sun, 05 Jan 2020 12:03:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821040bf00afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/2jwbtsjpymn20022jwbtsjpymn544905.jpg
104.22.13.214200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/2jwbtsjpymn20022jwbtsjpymn544905.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f6e001f5f5ea5a4f79bb7143efe2e7c4
eeb79beb3e501367872b10e227e3863280ee288c
21486509de1d5f90a7ca6a026f1d747a2092252c2cbeb0327deb5f8fdb3f6b1a
GET /upload/vod/2020/01-05/20/2jwbtsjpymn20022jwbtsjpymn544905.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: image/webp
content-length: 6018
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8385
content-disposition: inline; filename="2jwbtsjpymn20022jwbtsjpymn544905.webp"
etag: "5e11d06e-20c1"
last-modified: Sun, 05 Jan 2020 12:02:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821040bee0afa-OSL
X-Firefox-Spdy: h2
n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
20.243.252.217200 OK 106 kB URL HTTP/1.1 n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
IP 20.243.252.217:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 106 kB (106506 bytes)
Hash 6d54569d13361f2790967b7e4121586e
9536ee76ac74f72529df2def312ff0ec014bcf29
9423946c26a250564157b32a00e6716649ef7e761e2f5cf826dbb83c532f3194
GET /cadfaad6bf3a48caadd756dfd170308c.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Nov 2022 10:01:44 GMT
ETag: W/"6364e308-71fb4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
lbfm.lbpictupian.com/upload/vod/2020/01-05/20/k3e4gijea2q2003k3e4gijea2q274913.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/20/k3e4gijea2q2003k3e4gijea2q274913.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49b0edb317080b6573504e75ebb5f547
ec9242a9ecc3effb41bdf4088974d52fc223d055
c027b19221d5f301c2917ad428675184864edad380dffc99311cfdfeef36185b
GET /upload/vod/2020/01-05/20/k3e4gijea2q2003k3e4gijea2q274913.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: image/webp
content-length: 10808
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11554
content-disposition: inline; filename="k3e4gijea2q2003k3e4gijea2q274913.webp"
etag: "5e11d08f-2d22"
last-modified: Sun, 05 Jan 2020 12:03:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f821040bf20afa-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6816
Expires: Fri, 25 Nov 2022 07:47:55 GMT
Date: Fri, 25 Nov 2022 05:54:19 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a81b7e5917b0a9fceb9d0ebe8dcda874
7de91e796d8fa1b7e13833bfd533ff262b781e08
379389deadc80b824d233137afde10363a53f8347657a966f0c3aedab78271cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 03:45:41 GMT
Expires: Tue, 29 Nov 2022 03:45:40 GMT
Etag: "7de91e796d8fa1b7e13833bfd533ff262b781e08"
Cache-Control: max-age=337280,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f821077fc5b50b-OSL
hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 3d15558ed42debce83d656e08f006f6a
9c8fee88ac5c64a00ae6d0a3b496f2c89a19fb9b
e2df83ef2e610a8f130ed0f184270ba237b0ae2b367ef11f76a49e202ca3c60b
GET /hm.js?adcca6f1017c682dc84c135157a96e7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: 250e605c7e424fa016d802d58a199ed3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C4CE9CCC5678E3EC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
mt66g.com/image/c960X160.gif
23.224.145.198200 OK 226 kB URL HTTP/2 mt66g.com/image/c960X160.gif
IP 23.224.145.198:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 226 kB (226350 bytes)
Hash dc050a09c8f91b6a1cd31f0e14a26f82
cd2aeab9db3c276e676bf0c7f32bf18059c6b522
335eab09ae4eccb826c619213a55977bf822b21117d2b4c7d6ffe5831c327163
GET /image/c960X160.gif HTTP/1.1
Host: mt66g.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:18 GMT
content-type: image/gif
content-length: 226350
last-modified: Mon, 24 Oct 2022 09:26:09 GMT
etag: "63565a31-3742e"
expires: Fri, 23 Dec 2022 09:27:20 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 05:54:19 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=152685
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669355659
Via: cache19.l2de2[516,515,200-0,M], cache19.l2de2[516,0], cache2.se1[539,539,200-0,M], cache2.se1[540,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 05:54:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616693556590251905e
hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 487f5e4dbb2c1f241cb0eed4f38e84be
a58194e6716a74cc9600c02670d6a0691fc2b29b
529cc615bcceaf01db8151b74952301711ef6864cb11e57323413bc1a3053d85
GET /hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: 53bacbb805b1f191a882c6fee72443b5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=604220D224EE455E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1742821171&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1742821171&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1742821171&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B0A49F5E5A002CA3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 575c312241aa584949534cfd92f4f62b
44a9f6d9d4da3543fefcb5bd4f6bc2a734ae2071
5adb2cf94c0b39e53814dcdbba6703155cfe6d948fafb86fc37863e2590307fb
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:54:19 GMT
Last-Modified: Fri, 25 Nov 2022 04:24:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 6380588AB8000532346731A8
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 9f3fc641efdbcf152994d1fceb09be48
632bfc5bb9eea4c16ac3514c8145218dd484eb87
a129468e8ab8b3d49b5bd428ee2216fd57d04ec192d861dea5f4ec07f53b5f86
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: cd7bb524dce69a7c9f6ca2efd22a935c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1036EF747E43A500; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1714085796&si=a42a9f9e7ce3dc4e0fe7d731ff179318&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1714085796&si=a42a9f9e7ce3dc4e0fe7d731ff179318&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1714085796&si=a42a9f9e7ce3dc4e0fe7d731ff179318&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=09594C7639CD662C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:51:55 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sun, 25 Dec 2022 05:51:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0yFUidjGHhQ
58.254.180.65200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 58.254.180.65:0
ASN #136958 China Unicom Guangdong IP network
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: image/gif
content-length: 121040
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
etag: "72f445e66343e28d92a588cd7858f2dc"
age: 74130
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f3o44t80hap8bs7gplib1norlkg2hbb5
content-md5: cvRF5mND4o2SpYjNeFjy3A==
x-kss-storage-class: STANDARD_IA
timing-allow-origin: *
ohc-global-saved-time: Thu, 27 Oct 2022 07:22:08 GMT
ohc-cache-hit: gz3un59 [2], xiangyix59 [4]
ohc-file-size: 121040
x-cache-status: HIT
X-Firefox-Spdy: h2
vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
45.61.212.136200 OK 286 kB URL HTTP/2 vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
IP 45.61.212.136:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 286 kB (285785 bytes)
Hash 92285e93786dd0e69700a7b81ee67d1e
a9026bec9dc218806e865b3643d5fbe9a94f4edb
9f02528d2edc78634ebfd71d3c682cd679682715dc20afb446b9c8b5c26e1ae1
GET /e56118d487df470a95ed3ab64d8647ff.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635b961a-45c59"
server: nginx
date: Wed, 23 Nov 2022 15:24:46 GMT
content-type: image/gif
last-modified: Fri, 28 Oct 2022 08:43:06 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-06
content-length: 285785
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: image/gif
content-length: 158841
expires: Sun, 06 Nov 2022 14:31:54 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 916646
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 03 Nov 2022 14:31:54 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 02a08c91854f63c694f3a33c3e0b09c4
fd3c5967a8eda19611cbdd65100649175548e243
53a186c3b72a53ace6148a00ce45d868ea825992c067cbde674bb9e6a27b1726
GET /hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: 38e015fd3889468cff78e1ad76a684d2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2AD8E5D27CA90EFF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
47.75.19.45200 OK 251 kB URL HTTP/1.1 sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
IP 47.75.19.45:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 251 kB (250863 bytes)
Hash 146302635db0d447d3779d91b77d8389
281b62ad456eee28791ca926602b14ac6e84d9d7
efd5d5f699b6633ef18e5bb91fe5fd45604d6648f7249bfb1b5a29acc7b9f9b2
GET /3658-365-960x80.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: image/gif
Content-Length: 250863
Connection: keep-alive
x-oss-request-id: 6380588A8A23F73137BFA77C
Accept-Ranges: bytes
ETag: "146302635DB0D447D3779D91B77D8389"
Last-Modified: Fri, 18 Nov 2022 08:30:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3277067101677540170
x-oss-storage-class: Standard
Content-MD5: FGMCY12w1EfTd52Rt32DiQ==
x-oss-server-time: 1
hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash c15e51c9f70e468e56cc977f9ef8bea1
9c35f29154c259257af7fbee22aff85bf6e83359
30fd82a7d2f0d85d5ad5e87714b045eb60119f55500560bb1d156f657969da43
GET /hm.js?118d8c4b51d138a967fb082395b27809 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: a6854df128f8b24212c47a510e342179
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B6010CB43EF1B797; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=655703779&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=655703779&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=655703779&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=48139&r=0&ww=1252&u=http%3A%2F%2Fhkk.tsms3.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:20 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D97F7CA456FF4CC1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash fbbb8a5d1b9a43559b861666b5fb9e6b
4bc5b1444dc6774a8361e03f5afe10aa196c66aa
180036f969b0eed08c2426e3c2a56112d0c94b68e25de5eca8de31e521dda799
GET /hm.js?5f6f6952a111398e4db76c6944ccaba1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: 91bf50efeae09258d850e85273527984
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D675F3A4BBC7E61C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash e837e5cd32a1fac0fec95de1f2be1cbf
4e18a478f862dfe5e3efa9a65ade18a03e246857
133fd03fa1be1cd1a29ec28f78185e89aeaea396d16177c1b05bec35ccfb51b5
GET /hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:19 GMT
Etag: f59b90368747075bdcef034359c7a805
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CF31C27C2FFB35F9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163200 OK 532 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 532 kB (531945 bytes)
Hash 904c4f51a02c9f03f27ac2593d4c061e
faa7b399e3dc1e36e450636f0fafcaaca901f59e
107d811d56db4017059b2c99a4829faa9e20ce7fa395b3182bdb456ff93fbee6
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 05:54:18 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 6380588AF27FBE313267D5E6
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 1
img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
IP 91.199.87.220:0
GET /images/635242fd5fe50f0585d3ef8f.gif HTTP/1.1
Host: img.u1555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
cache-control: max-age=3600
X-Firefox-Spdy: h2
hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
106.227.30.48200 OK 0 B URL HTTP/2 hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
IP 106.227.30.48:0
GET /static/tongji/plugins/UrlChangeTracker.js HTTP/1.1
Host: hmcdn.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 25 Nov 2022 05:54:19 GMT
content-type: application/x-javascript
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
etag: "5f8eb0f7-4b3c"
content-encoding: gzip
age: 91554
accept-ranges: bytes
tracecode: 00557334490254889226093005
vary: Accept-Encoding
timing-allow-origin: *
ohc-global-saved-time: Sun, 20 Nov 2022 02:12:58 GMT
ohc-cache-hit: nc5ct69 [2], tjctcache59 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3245eddf7b031a037c644e0f859ed26d
103.235.46.191200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?3245eddf7b031a037c644e0f859ed26d
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?3245eddf7b031a037c644e0f859ed26d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hkk.tsms3.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:20 GMT
Etag: a4fcaed814d8395d40a73c8f91fbe5b9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D7E1950DD224F9F4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800