r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9904
Expires: Wed, 25 Jan 2023 13:40:52 GMT
Date: Wed, 25 Jan 2023 10:55:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7279
Expires: Wed, 25 Jan 2023 12:57:07 GMT
Date: Wed, 25 Jan 2023 10:55:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 10:42:49 GMT
content-type: application/json
age: 779
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3316
Expires: Wed, 25 Jan 2023 11:51:04 GMT
Date: Wed, 25 Jan 2023 10:55:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d5H5dwFFem600XEi6Kh0IWBkzxwBdbzjQOym7A0dMJVfMWVFDzjk5QzjTPvBSbBiMDvpnMPmNxjEQiCPEw2P0w==
x-amz-request-id: ZFHVEZ5XX90J20S3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 10:48:32 GMT
age: 436
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 10:55:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 10:41:40 GMT
age: 849
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
200 OK 9.2 kB URL HTTP/1.1 12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1390)
Hash 77530349a116e76800eb6f2a94fd2aeb
304daf011ab6d1473fa54977ad2f40088a7e899d
80d1b8584dedf8d6d101cba43e61c28f9794bc3aa143d94c9555d81b823f8d0b
Analyzer Verdict Alert fortinet Malware
GET /down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9293
Expires: Wed, 25 Jan 2023 13:30:42 GMT
Date: Wed, 25 Jan 2023 10:55:49 GMT
Connection: keep-alive
12803.url.tudown.com/template/company/moban/index_files/common20200314.css
200 OK 11 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/common20200314.css
IP
ASN #137951 Clayer Limited
Hash 45e7104994ba9d28a3840e7b57fe10db
8f3fa3c7e86d69b7f7d1d87cb88db05d369084ad
d7d57f9fd8ca7419fd1151643a1a11d1f947e0ce14409758536c5f78feb7a3a7
GET /template/company/moban/index_files/common20200314.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7511-b757"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/js/orsxg5a.script
200 OK 531 B URL HTTP/1.1 12803.url.tudown.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jXwcB15mTQ/XTuToiuwtuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FIYS0h5IXgwzYoJV8yS38a4sp5Y=
12803.url.tudown.com/template/company/moban/js/push.js
200 OK 281 B URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/push.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /template/company/moban/js/push.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: application/javascript
Content-Length: 281
Last-Modified: Mon, 31 Oct 2022 07:24:37 GMT
Connection: keep-alive
ETag: "635f7835-119"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/js/jquery.js
200 OK 1.4 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/jquery.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash b0e3a6733a542de9809c5d7db72f8040
91b6e610ee2a602873c1e2d0fbea7cfa5370b4f7
3970f3998e97d13c827a4043241bdec5797f55ed3ce12939226e62f63b19d4a7
GET /template/company/moban/js/jquery.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7873-ca4"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/js/common200314.js
200 OK 7.9 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/common200314.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (582), with CRLF line terminators
Hash c63394e2ec253720b14b63812f72fdc4
acd72fdd9431629de8334bcf14f2b3eaba8455f7
13eb4601f2369316cae59b5a826dbc359bf7761e503e3f9b2681c8db6db9a68b
GET /template/company/moban/js/common200314.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7885-70d5"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/index_files/seo0327.css
200 OK 625 B URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/seo0327.css
IP
ASN #137951 Clayer Limited
Hash 711032f9fe79a8a5ad4e93ef3b5d630a
592e0c0dfa651a9e71376ad3bbbc5cbd192c991c
c97203ea0db06a934f0ebc3c9e2796891215551df15abf9f12f0edf2a076ae5d
GET /template/company/moban/index_files/seo0327.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7515-59b"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/js/hm.js
200 OK 12 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/hm.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1075), with CRLF line terminators
Hash 5edaed7ef425da9212ba1892bd7da753
341e9f19f879261b7c47b3b988fee87aa028da9e
b0d03117ba938b859d9422c740dc2ce315c3d91b78ed6bcdd6e059a1aa0808e5
GET /template/company/moban/js/hm.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:24:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f784a-781d"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43ec508fd796c65b1616c9dcc896b7f1
b0d21e4e4636c1428b4eb17960e7f0a27ca94ab0
8476b98223e285e450bad8a5762450e0a67edc72b2ccb35c63191601139f37c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8476B98223E285E450BAD8A5762450E0A67EDC72B2CCB35C63191601139F37C8"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21219
Expires: Wed, 25 Jan 2023 16:49:29 GMT
Date: Wed, 25 Jan 2023 10:55:50 GMT
Connection: keep-alive
12803.url.tudown.com/template/company/moban/js/jquery-1.js
200 OK 38 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/jquery-1.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32038), with CRLF line terminators
Hash adbc5e76397fe7c0f17d0c2f86d22aca
d7ae0f7aad6555282106498db4573df817d1ea11
6e1a6d6592d35652998b135ec2dde01b5326006bf3199a633b2bbd768725a7e6
GET /template/company/moban/js/jquery-1.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:49 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f785f-176d8"
Expires: Wed, 25 Jan 2023 22:55:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 87377a4714ff6d2aef3c4572d2f2a02a
6ed0aa6fd03c0a598f154180b74935f95085c0f9
8a2021df681aac6732de7cf0a2e247a83445eab9a831efa5eb3e340eddeb2a38
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 29 Jan 2023 08:30:36 GMT
ETag: "6ed0aa6fd03c0a598f154180b74935f95085c0f9"
Last-Modified: Wed, 25 Jan 2023 08:30:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 352
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f07a946e38fac0-OSL
api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 Jan 2023 10:55:50 GMT
12803.url.tudown.com/template/company/moban/index_files/searchbox_action.png
200 OK 6.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/searchbox_action.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 60 x 60, 16-bit/color RGBA, non-interlaced\012- data
Hash 99e950348c1a490f8fe53e5c5b1b32a6
6f79160d4f4161f19ab2058d2480f156dd5ee408
d11a69c15618f1ed03351f4b41fb7bbdbcc6b4743a44c2dad6127eb5f7b45b06
GET /template/company/moban/index_files/searchbox_action.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/png
Content-Length: 6235
Last-Modified: Mon, 31 Oct 2022 07:11:37 GMT
Connection: keep-alive
ETag: "635f7529-185b"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/352095.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/352095.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/352095.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/388166.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/388166.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/388166.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=4056275577,3402324915&fm=253&app=120&f=JPEG?w=1422&h=800
12803.url.tudown.com/uploads/images/851444.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/851444.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/851444.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1420242874,3182614276&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
12803.url.tudown.com/uploads/images/965039.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/965039.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/965039.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2388086524,458536248&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/358280.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/358280.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/358280.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=586539085,3688131098&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/90300.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/90300.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/90300.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=871172887,2474343874&fm=253&fmt=auto&app=138&f=JPEG?w=432&h=648
12803.url.tudown.com/template/company/moban/images/icon_06.png
200 OK 9.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/images/icon_06.png
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1418)
Hash 71db99eda206db69b2a6f4709779ef1e
2784fee5b16e32e2fe38b77a8fb8c23cf8df8fdb
2a0fa3918283ae62ba699f8df619dd17cd9cb10a8809345c3df1c9eb5f87a503
GET /template/company/moban/images/icon_06.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/index_files/yyh.png
200 OK 3.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/yyh.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ff16370de7effacbc2dad368909f4ce9
6797aa73900e37841cd8f26d20afbbce76ed2bd4
18d1ff6e85efd537b99aae82df385b44b02f9699df6ee5d4295069034fdfd4f0
GET /template/company/moban/index_files/yyh.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/png
Content-Length: 3307
Last-Modified: Mon, 31 Oct 2022 07:11:41 GMT
Connection: keep-alive
ETag: "635f752d-ceb"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/images/icon_01.png
200 OK 9.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/images/icon_01.png
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1376)
Hash bb45bf50eca0d7138c585cbf36fb81cd
a5f27e29e77e5f88f81a6e83b265a982e7a0ffc4
3c0b806d601753303bf7eafb30c0d8be1cc6b606df059bb93396e3f07e7af5df
GET /template/company/moban/images/icon_01.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/index_files/logo2.png
200 OK 5.7 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/logo2.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 172 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c00109aa99d34615f91984307d2d4de
3bde4746cc37110bccb5766f077002da9c251582
80b083f9300489095112b79c8af03547db4eaede2ba43ff6ac4b828e2428fc9d
GET /template/company/moban/index_files/logo2.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/png
Content-Length: 5697
Last-Modified: Mon, 31 Oct 2022 07:11:36 GMT
Connection: keep-alive
ETag: "635f7528-1641"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/index_files/close_black.png
200 OK 9.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/close_black.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 840 x 832, 8-bit/color RGBA, non-interlaced\012- data
Hash 61258db0845df63b5aef5e137b425ba7
00be51fff891b55e1b0e0ed5972b9c0c12b182b5
f65333f53a9c02d89ba24e8679788371f8076f5be618a44cddfa314cb14521e1
GET /template/company/moban/index_files/close_black.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/png
Content-Length: 9098
Last-Modified: Mon, 31 Oct 2022 07:11:30 GMT
Connection: keep-alive
ETag: "635f7522-238a"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4652
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 10:55:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4652
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 10:55:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4652
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 10:55:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 12116
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbbcba4403c1ea4e45ff47894d66e984
8555e8d6a38b78829a7dd2f10eb99bdbb254d89a
c9acd732889f9a58b085ceee3ceb8040fedb1e85ddb9f5b933960472c2f8d147
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3109
x-amzn-requestid: 89df621b-47d8-4127-8e4f-8e57f3244419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKV9hFNKIAMFtlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd9d23-0b4c0b5d2bf8c22b2ada0e9c;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 20:31:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B62xY4rlFNdJGd5ethwkCIwQTsegDVJy6s7OptIr1g_E8GvwttW2sQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 10:03:05 GMT
age: 3165
etag: "8555e8d6a38b78829a7dd2f10eb99bdbb254d89a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t15.baidu.com/it/u=586539085,3688131098&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=586539085,3688131098&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a3c9e844113c4b45cf6350ed2d0e3b7e
88a9a8c68d696c3bb5a55f0cb3a3cb0a22b9cd43
bc383e38c589f940b28261209ad2e73020c011ffc07aa15fb0c4811b1f08f06f
GET /it/u=586539085,3688131098&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpeg
Content-Length: 54384
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:08:20 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a3c9e844113c4b45cf6350ed2d0e3b7e
Age: 1390860
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:08:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache55 [4], wzix94 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 54384
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/125554.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/125554.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/125554.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3635528940,2536455021&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=304
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:47:09 GMT
age: 18521
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 946d8485d39fbe598dc6af86e735061d
4934319819697b4c89466949cd4ef93bb8b9c8b2
7bd130762bfaa189b24e3620e4a54b8e0cc7046ea2d917c37d11a8f248803840
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 5786e270-1aae-45e2-b406-ad9ce4e90c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHH8hEcBIAMFyjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5383-3b3fb6220035b4e34db73fee;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:05:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ffDYSL3N0ZZ2vGX3d94Evnu0SeEkLWwv4HRHdyUYXQ19MstDR4jROA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 09:04:06 GMT
age: 6704
etag: "4934319819697b4c89466949cd4ef93bb8b9c8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 46155
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: eaa1dff1-44ea-47ff-b211-1dd709d9b259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5IGAHIAMFm9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-3ccb4f9322744f546fff8a9a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ImH7pi4LZOZo6IqNquoa5C97jI9U0LdwbEKSDU1Cf4R9pITWYhyAw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:04:43 GMT
age: 24668
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 25 Jan 2023 10:55:50 GMT
Etag: "4078521116"
Expires: Thu, 25 Jan 2024 10:55:50 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=2188DA3BE04243B12136EA3EA9031E84:FG=1; max-age=31536000; expires=Thu, 25-Jan-24 10:55:50 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1390423659&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=28293&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E7%2583%25AD%25E8%25A1%2580%25E9%2595%25BF%25E5%25AE%2589%25E7%25AC%25AC%25E4%25BA%258C%25E5%25AD%25A3%40402_2.exe&tt=%E6%BE%B3%E9%97%A8%E6%98%9F%E9%99%85%E7%9C%9F%E4%BA%BA%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1390423659&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=28293&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E7%2583%25AD%25E8%25A1%2580%25E9%2595%25BF%25E5%25AE%2589%25E7%25AC%25AC%25E4%25BA%258C%25E5%25AD%25A3%40402_2.exe&tt=%E6%BE%B3%E9%97%A8%E6%98%9F%E9%99%85%E7%9C%9F%E4%BA%BA%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1390423659&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=28293&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E7%2583%25AD%25E8%25A1%2580%25E9%2595%25BF%25E5%25AE%2589%25E7%25AC%25AC%25E4%25BA%258C%25E5%25AD%25A3%40402_2.exe&tt=%E6%BE%B3%E9%97%A8%E6%98%9F%E9%99%85%E7%9C%9F%E4%BA%BA%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Jan 2023 10:55:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9D5FF684D3D58CF0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12803.url.tudown.com/template/company/moban/index_files/icon_04.png
200 OK 3.0 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/icon_04.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cfb3c0eccae9226e14ecc2f1642b6f35
b2b6497c7b8441cf2562ec555ed6a5465aacd8d9
44058ef0ee0a2252592665923108686538ac74c78ef05131fb47b455d562965d
GET /template/company/moban/index_files/icon_04.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/png
Content-Length: 3044
Last-Modified: Mon, 31 Oct 2022 07:11:34 GMT
Connection: keep-alive
ETag: "635f7526-be4"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/index_files/icon_03.png
200 OK 3.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/icon_03.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 26cf006988edd9c4eb048a12f20d8f12
f5875a0dfadf0b2d7ba040de986d3e92ec4f2992
87510ec460049035d8d4bdd190024b2f297df37e1fd36f5eb122cc12737cbc23
GET /template/company/moban/index_files/icon_03.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:50 GMT
Content-Type: image/png
Content-Length: 3164
Last-Modified: Mon, 31 Oct 2022 07:11:32 GMT
Connection: keep-alive
ETag: "635f7524-c5c"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/63324.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/63324.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/63324.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1365795741,2920828588&fm=224&app=112&f=JPEG?w=500&h=500
api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 Jan 2023 10:55:51 GMT
12803.url.tudown.com/uploads/images/246472.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/246472.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/246472.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/729887.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/729887.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/729887.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
t14.baidu.com/it/u=1365795741,2920828588&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 41 kB URL HTTP/1.1 t14.baidu.com/it/u=1365795741,2920828588&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 06cd77176e6f9f01cd235cd96c6b2cb1
5aab30ed819aae00992934481b6f26d20966b301
15239f6f830e97dbee66fc29cbb1c23732667be09ef560b10b6017a59bf47522
GET /it/u=1365795741,2920828588&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 40568
Connection: keep-alive
Expires: Sat, 04 Feb 2023 14:54:10 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 06cd77176e6f9f01cd235cd96c6b2cb1
Age: 1390862
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 14:54:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache62 [1], qdix79 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40568
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/66099.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/66099.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/66099.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1369910980,3349650172&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 69 kB URL HTTP/1.1 t14.baidu.com/it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fe2b7036359fe3544fcf5aa8162518cc
04cafb2c01398c9605c2264f7ef2c806b75cf811
bdd322ec858dcb131b485a92c9d52573bb0a3c1e30005b7a2a65f5b4cc7d45d6
GET /it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 69288
Connection: keep-alive
Expires: Sun, 05 Feb 2023 17:41:47 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: fe2b7036359fe3544fcf5aa8162518cc
Age: 1168076
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 17:41:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache62 [1], qdix91 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 69288
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/11645.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/11645.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/11645.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=714432225,3415042269&fm=253&app=120&f=JPEG?w=1280&h=800
t14.baidu.com/it/u=1369910980,3349650172&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 25 kB URL HTTP/1.1 t14.baidu.com/it/u=1369910980,3349650172&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2d87d3c633b0f99d8091e11cccd56ea5
a5140a4819d83799630307b92102292f9c9bcdbc
c628358c81d5fbcdd5d17a545602af17a083a9cf51ab8930edbacc4fce600486
GET /it/u=1369910980,3349650172&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 24792
Connection: keep-alive
Expires: Thu, 26 Jan 2023 01:10:09 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 2d87d3c633b0f99d8091e11cccd56ea5
Age: 2100411
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 01:10:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache60 [1], bdix231 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24792
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/511629.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/511629.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/511629.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083
img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dcd362b1ddfc8d68597a59f74d54b570
fdf68f16ea6b6ff1dcf83de8fbc7ef94f0a8c06d
bdec33cdb146c96b089d4f6cf722f875b11ad17ae78f29890b833d3cce3d974e
GET /it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 28148
expires: Sun, 19 Feb 2023 19:17:01 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: dcd362b1ddfc8d68597a59f74d54b570
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 19:17:01 GMT
ohc-cache-hit: ntct51 [1], czix51 [4]
ohc-file-size: 28148
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/625590.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/625590.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/625590.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3080319409,1517301397&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=335
12803.url.tudown.com/uploads/images/782382.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/782382.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/782382.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9
img2.baidu.com/it/u=1420242874,3182614276&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=1420242874,3182614276&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27fa8dbb7523676be1555ed738a20777
dd185fc6f5bb31b78bcd1b85069da17bed59eaed
10147d6120b881786022fd620a9f6ca9f05d3fb66cd2cc73fab61993ccece5e8
GET /it/u=1420242874,3182614276&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 16042
expires: Fri, 17 Feb 2023 10:41:11 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 27fa8dbb7523676be1555ed738a20777
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 10:41:11 GMT
ohc-cache-hit: cd6ct70 [1], qdix183 [2]
ohc-file-size: 16042
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/16197.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/16197.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/16197.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066
12803.url.tudown.com/uploads/images/319263.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/319263.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/319263.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1585576864,1734690975&fm=253&app=120&f=JPEG?w=1422&h=800
t15.baidu.com/it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9
200 OK 71 kB URL HTTP/1.1 t15.baidu.com/it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c5369277a3985d0507de22ed1eb8a68e
fca891e56b722521fab9c8fe9b8799a69507591e
f2789265a2ef9d1f19e30c94c0009a1ace2722d71363b55437a6cd4aa25529a3
GET /it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 70752
Connection: keep-alive
Expires: Tue, 14 Feb 2023 04:31:16 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: c5369277a3985d0507de22ed1eb8a68e
Age: 885468
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 04:31:16 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache51 [1], czix85 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 70752
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/20657.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/20657.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/20657.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4290928192,2726554064&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=820
img1.baidu.com/it/u=4056275577,3402324915&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 144 kB URL HTTP/1.1 img1.baidu.com/it/u=4056275577,3402324915&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 144 kB (144259 bytes)
Hash df98b211c92c438818ee6d9ed230e766
d69646c07c7a0d16baf8bee45511b473dbc14fb6
055bc0a3c4fee1f080bcacdb4c0626fdee837eb9f7b751a47b0c1b263c08b980
GET /it/u=4056275577,3402324915&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 144259
Connection: keep-alive
Expires: Sat, 11 Feb 2023 22:03:01 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: df98b211c92c438818ee6d9ed230e766
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 22:03:01 GMT
Ohc-Cache-HIT: ntct53 [2], suzix197 [2]
Ohc-File-Size: 144259
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/881526.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/881526.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/881526.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500
12803.url.tudown.com/uploads/images/6870.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/6870.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/6870.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=260464696,3372985220&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=710
12803.url.tudown.com/uploads/images/250249.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/250249.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/250249.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800
img1.baidu.com/it/u=2388086524,458536248&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
200 OK 60 kB URL HTTP/2 img1.baidu.com/it/u=2388086524,458536248&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6d441cc5fc6dbc281045b6b7dffe9492
34e2b6a026cb7d0f4468401b84228fe1d8747ed4
84f814b970444587c613c5166474bbcd706cc736b12043ed3ffac7d30ccad4d4
GET /it/u=2388086524,458536248&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 59994
expires: Thu, 02 Feb 2023 10:43:18 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 6d441cc5fc6dbc281045b6b7dffe9492
age: 898174
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 10:43:18 GMT
ohc-cache-hit: ntct52 [4], wzix94 [4]
ohc-file-size: 59994
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/26786.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/26786.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/26786.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3971487672,106391012&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/544758.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/544758.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/544758.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665
t14.baidu.com/it/u=3971487672,106391012&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 62 kB URL HTTP/1.1 t14.baidu.com/it/u=3971487672,106391012&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 94e452facf568aa9dd31d6aac5bea0b5
9ff830990fd1ff2c7260dc5403fec2464fbfe176
48061453edd6508196a87477352ee69731a56076ce2ace41e2fd757df05dd845
GET /it/u=3971487672,106391012&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 61970
Connection: keep-alive
Expires: Tue, 31 Jan 2023 17:11:03 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 94e452facf568aa9dd31d6aac5bea0b5
Age: 1172197
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 17:11:03 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache61 [2], csix94 [4]
Ohc-Response-Time: 1 0 0 0 0 1
Ohc-File-Size: 61970
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083
200 OK 55 kB URL HTTP/2 img2.baidu.com/it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1083, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2f3af1378b4a9f9c444cb2126fe543d
7b120ccb285ab5a9a3052c19a9e846ae411a4b21
8b40c349ac59592a77c7fdfb1b0dcef906c4fc05e814981ae7d71878b2055801
GET /it/u=1794163771,3715706199&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1083 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 55296
expires: Mon, 20 Feb 2023 08:32:19 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f2f3af1378b4a9f9c444cb2126fe543d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 08:32:19 GMT
ohc-cache-hit: cd6ct64 [1], suzix96 [2]
ohc-file-size: 55296
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/151879.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/151879.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/151879.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3496308016,1137968460&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/232537.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/232537.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/232537.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3622591789,2701578342&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=3496308016,1137968460&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 35 kB URL HTTP/1.1 t13.baidu.com/it/u=3496308016,1137968460&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 02467fa34bd68198597be4cb366f824b
8bd151490a76be413ba769a8fced9fe9efb9694d
c55dc45c6f752aed105e2938bae59bbe9fa6190286a907f14234eb8f32d7d870
GET /it/u=3496308016,1137968460&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 35113
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:11:53 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 02467fa34bd68198597be4cb366f824b
Age: 1007011
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:11:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache64 [1], wzix97 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35113
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=871172887,2474343874&fm=253&fmt=auto&app=138&f=JPEG?w=432&h=648
200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=871172887,2474343874&fm=253&fmt=auto&app=138&f=JPEG?w=432&h=648
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3e4689675fd6b23c3627a77d293001d8
4bc94dece04f0db61bd70012a6c4bd74e611e4d2
c1b7ebb046bf77a7ad6e299f63541e7975721bc976c68851ad5fb0735b6242b8
GET /it/u=871172887,2474343874&fm=253&fmt=auto&app=138&f=JPEG?w=432&h=648 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 35680
expires: Fri, 10 Feb 2023 08:36:19 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3e4689675fd6b23c3627a77d293001d8
age: 201269
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 08:36:19 GMT
ohc-cache-hit: ntct54 [4], wzix54 [4]
ohc-file-size: 35680
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500
200 OK 37 kB URL HTTP/2 img2.baidu.com/it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 701x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d0a950b3c26f477d192d8cf972dd53ec
0cb1bc561504b7e1b3d99c1cf4b2f232e1f33184
6f20af05aaaa0f1e7b5bb8ee0017e13d6252209baf765b675caab7cc8ff4a023
GET /it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 36844
expires: Mon, 06 Feb 2023 04:09:00 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d0a950b3c26f477d192d8cf972dd53ec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:08:59 GMT
ohc-cache-hit: cd6ct83 [1], qdix83 [2]
ohc-file-size: 36844
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3635528940,2536455021&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=304
200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=3635528940,2536455021&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=304
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 641x304, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 56ff51405126934a61f544da946201e5
611dea7c0e26bcfbcb038f4308e69f9cf36ee925
b5cedd63e311eed0caae8ff71a9c7916cf0b841ae2ec9a597bacd6c68f28e6b2
GET /it/u=3635528940,2536455021&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=304 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 23584
expires: Mon, 20 Feb 2023 03:41:12 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 56ff51405126934a61f544da946201e5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 03:41:12 GMT
ohc-cache-hit: ntct55 [1], czix207 [4]
ohc-file-size: 23584
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3080319409,1517301397&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=335
200 OK 4.2 kB URL HTTP/2 img0.baidu.com/it/u=3080319409,1517301397&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=335
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x335, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f773862cf8c6b4b80eba0ba7a78738b8
768d3b2724eb0cb7ae629e9e658a50628d5edc79
d88bd5cb72bc84e71cead7b46f4a412c9683da67ae3eb4469c9f57fc15c042c7
GET /it/u=3080319409,1517301397&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=335 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 4178
expires: Fri, 24 Feb 2023 04:18:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f773862cf8c6b4b80eba0ba7a78738b8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 04:18:03 GMT
ohc-cache-hit: ntct66 [1], qdix115 [4]
ohc-file-size: 4178
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/336728.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/336728.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/336728.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2186426258,3458583446&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=253
img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
200 OK 33 kB URL HTTP/2 img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x754, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2e65f3fcf42668ed17357e5f286bfc6
a5342d7a36129f9231b3d90b5984a563c3b30829
6b43bcdca7015d4ba6c8c4610acf939491d8fdd27629b62b8465bd7ee464c3dc
GET /it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 33002
expires: Fri, 27 Jan 2023 08:50:44 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d2e65f3fcf42668ed17357e5f286bfc6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 08:50:44 GMT
ohc-cache-hit: ntct57 [1], xaix93 [4]
ohc-file-size: 33002
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/501692.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/501692.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/501692.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2398767598,3256640471&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/349125.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/349125.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/349125.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/60973.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/60973.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/60973.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3244913756,3321988933&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=2398767598,3256640471&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 35 kB URL HTTP/1.1 t13.baidu.com/it/u=2398767598,3256640471&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 72854a78ef6074a83530e46fbb9d77bf
616344d1cd0ae1c102fb7d05ad0de32e5e8689e1
642c8a61f009c4c884ce68acc94ba8abdbab52a7c89a29aadc7d75113dcd4de8
GET /it/u=2398767598,3256640471&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 34723
Connection: keep-alive
Expires: Mon, 13 Feb 2023 07:18:23 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 72854a78ef6074a83530e46fbb9d77bf
Age: 896543
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 07:18:23 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache59 [1], xaix240 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34723
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066
200 OK 50 kB URL HTTP/2 img0.baidu.com/it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1066, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb38cec0ab2a5a57560aee22a763f4c2
74ac5c3a22542e7d4cd45f4be944a8cf57b48b86
0efe946c4bdb5b973331cae8ed855089a4b9fa276ec99736881f402d04f6f524
GET /it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 49550
expires: Mon, 20 Feb 2023 01:48:52 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: cb38cec0ab2a5a57560aee22a763f4c2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 01:48:52 GMT
ohc-cache-hit: ntct60 [1], qdix244 [2]
ohc-file-size: 49550
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3622591789,2701578342&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 78 kB URL HTTP/1.1 t15.baidu.com/it/u=3622591789,2701578342&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0610e3be748273f22971a1e55547346d
f481f228fd6010e9c190b55e8baa60c30ebe0997
81a56fed5885bdb30af156c69b7d264ed8dbc7dfa4ede5ad498899ff7ec886cc
GET /it/u=3622591789,2701578342&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 78444
Connection: keep-alive
Expires: Sun, 05 Feb 2023 17:42:36 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 0610e3be748273f22971a1e55547346d
Age: 1171542
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 17:42:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], jnuncache86 [1], xaix109 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 78444
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 57 kB URL HTTP/1.1 t14.baidu.com/it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d7872d6928c818165a1b26061adecc1a
10e696c5cbe8ee0fef1c7462cbf4dda3d69e298a
2a5fc5895a0eac9f632adb9cb9f5cc9b6f82fc25b0ea1d55e89df3f58bae8250
GET /it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 57027
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:20:47 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: d7872d6928c818165a1b26061adecc1a
Age: 1233343
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 12:20:47 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache54 [4], czix128 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57027
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/23332.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/23332.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/23332.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=937101184,58388005&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
t15.baidu.com/it/u=3244913756,3321988933&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 41 kB URL HTTP/1.1 t15.baidu.com/it/u=3244913756,3321988933&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ff1f19377ac25ffafb39cef45fad48d2
e9e172b076614e2f69a600b6af37a3a1aa353799
a5d941b129f07761ed9eb4a3a888599dee373294f7c61943b04c4561a30c764f
GET /it/u=3244913756,3321988933&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 40709
Connection: keep-alive
Expires: Fri, 17 Feb 2023 15:51:35 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: ff1f19377ac25ffafb39cef45fad48d2
Age: 544744
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 15:51:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache57 [1], qdix128 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40709
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=714432225,3415042269&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 96 kB URL HTTP/1.1 img0.baidu.com/it/u=714432225,3415042269&fm=253&app=120&f=JPEG?w=1280&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 12430e10856b28f82ed5640e609e83fc
8c6d02a7b45f07b27b40f9fc5aa780f83492996c
171a1b95646917ade47590cc9b10833f26be227677ae1c6ca768294dc6a31c39
GET /it/u=714432225,3415042269&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 96020
Connection: keep-alive
Expires: Fri, 10 Feb 2023 06:52:49 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 12430e10856b28f82ed5640e609e83fc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 06:52:49 GMT
Ohc-Cache-HIT: wh4ct64 [1], wzix64 [4]
Ohc-File-Size: 96020
X-Cache-Status: MISS
img1.baidu.com/it/u=4290928192,2726554064&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=820
200 OK 61 kB URL HTTP/2 img1.baidu.com/it/u=4290928192,2726554064&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=820
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x820, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f4a62d0fc9dacfbc90ca0e8e1b636433
6ecc2e4f904ee25b34c6f5e33a017d081ff15785
d822d9f28e14f224753d73f4bf57a66cf2342fcb331f68b0a05b74e1d63ae00d
GET /it/u=4290928192,2726554064&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=820 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:51 GMT
content-type: image/webp
content-length: 60754
expires: Tue, 21 Feb 2023 03:39:44 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f4a62d0fc9dacfbc90ca0e8e1b636433
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:39:44 GMT
ohc-cache-hit: ntct60 [1], czix113 [4]
ohc-file-size: 60754
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/490478.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/490478.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/490478.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
img0.baidu.com/it/u=260464696,3372985220&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=710
200 OK 44 kB URL HTTP/2 img0.baidu.com/it/u=260464696,3372985220&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=710
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x710, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad75707b5d5a0d077a5ddd14ba3a5c2e
ffd14b44e8f0c4214cf2ec61ef04c08faeb08b29
b84e6c414a2dddd0f1d2ba16b14da48c372e081f52ba4c6d2db4a5d78ba26c45
GET /it/u=260464696,3372985220&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=710 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 44094
expires: Fri, 24 Feb 2023 09:59:23 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: ad75707b5d5a0d077a5ddd14ba3a5c2e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 09:59:23 GMT
ohc-cache-hit: ntct65 [1], wzix74 [4]
ohc-file-size: 44094
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/moban/index_files/chakan.png
200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/chakan.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash acb0ada0040b83568aac894905d88cca
90c3924ecf672018cdc013d30716966b196ccbda
0511b79ede1d0228f1ecd14d917e26e8613a7e7b99f31b7bc66fae4285bdd4d6
GET /template/company/moban/index_files/chakan.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/png
Content-Length: 1469
Last-Modified: Mon, 31 Oct 2022 07:11:28 GMT
Connection: keep-alive
ETag: "635f7520-5bd"
Accept-Ranges: bytes
img2.baidu.com/it/u=2186426258,3458583446&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=253
200 OK 7.0 kB URL HTTP/2 img2.baidu.com/it/u=2186426258,3458583446&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=253
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fb2e26201587e36f0541d81a8d86b2d5
32ffcbaff071a84c1ab06d0722e0f32021ad941e
c0962e2804213159db85bef7a020faa8b88b045c34056bd5642cafa3533674d5
GET /it/u=2186426258,3458583446&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=253 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 6972
expires: Tue, 14 Feb 2023 09:34:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: fb2e26201587e36f0541d81a8d86b2d5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 09:34:51 GMT
ohc-cache-hit: cd6ct67 [1], bdix221 [4]
ohc-file-size: 6972
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/159699.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/159699.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/159699.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=4006431708,1076776729&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1240
12803.url.tudown.com/uploads/images/129705.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/129705.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/129705.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/142853.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/142853.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/142853.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2936475958,3135881006&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=370
img0.baidu.com/it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800
200 OK 117 kB URL HTTP/2 img0.baidu.com/it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image\012- data
Size 117 kB (117290 bytes)
Hash a7e384f8250b763c9c7e26a4eff5dfca
f93ea6c676bbf9bdd08786e480e95f7296b2b127
040c7186f9922a1a7c426355b02a5c3268dc6b6b5b688a4bc8de6ce8f14176b2
GET /it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 117290
expires: Fri, 17 Feb 2023 18:39:38 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a7e384f8250b763c9c7e26a4eff5dfca
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 18:39:38 GMT
ohc-cache-hit: ntct53 [1], xaix192 [4]
ohc-file-size: 117290
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/moban/index_files/shoucang.png
200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/shoucang.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 112dd72135aceaef7b25583061398368
73d3f2825122e66564122f1d8e87065b71c9ac33
5f5dc0b4419a3e37547d82c55b1332b6c421d382067cf542dadb3c65a4fa066f
GET /template/company/moban/index_files/shoucang.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/png
Content-Length: 1456
Last-Modified: Mon, 31 Oct 2022 07:11:39 GMT
Connection: keep-alive
ETag: "635f752b-5b0"
Accept-Ranges: bytes
img0.baidu.com/it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665
200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x665, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8086b3358eb562775feca67cd52a661c
e59eaace3214a29a8fa4a58815e50b8317d018ef
6fc9b0417f2dd935974fa5f38348589d42e010c88e5a7fc560050329210944a8
GET /it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 19004
expires: Mon, 20 Feb 2023 06:15:14 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8086b3358eb562775feca67cd52a661c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:15:14 GMT
ohc-cache-hit: ntct59 [1], qdix59 [4]
ohc-file-size: 19004
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=937101184,58388005&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
200 OK 2.8 kB URL HTTP/2 img0.baidu.com/it/u=937101184,58388005&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79aac47172ddcfd2d9547b524d54d3c5
bb23a6677d3f6201a4553dcdaa54cb77e77d40a9
5aca9d58dc4ad99be06212014c28d2cf7d0b4e4c2120d8e4e89a1824b855c9ed
GET /it/u=937101184,58388005&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 2776
expires: Tue, 31 Jan 2023 23:01:05 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 79aac47172ddcfd2d9547b524d54d3c5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 23:01:05 GMT
ohc-cache-hit: ntct59 [1], csix59 [4]
ohc-file-size: 2776
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1585576864,1734690975&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 146 kB URL HTTP/1.1 img1.baidu.com/it/u=1585576864,1734690975&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 146 kB (145986 bytes)
Hash fbed7f5ed4a0e28e92b3833643ee2e4a
43d5cc4b23f91d9a4653cc1acbb7c7f9308c8188
fcbbba41189f9ac0c1599b005a3ae0a6c7b1c0939b56eec13de06b2a41d802b4
GET /it/u=1585576864,1734690975&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:51 GMT
Content-Type: image/jpeg
Content-Length: 145986
Connection: keep-alive
Expires: Sun, 05 Feb 2023 05:11:30 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: fbed7f5ed4a0e28e92b3833643ee2e4a
Age: 1164191
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 05:11:30 GMT
Ohc-Cache-HIT: ntct66 [3], xiangyix174 [2]
Ohc-File-Size: 145986
X-Cache-Status: HIT
t15.baidu.com/it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 57 kB URL HTTP/1.1 t15.baidu.com/it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a7b8372bbd65c0501fe5222fbbb7a157
9900f6f2591adb48f8a6347bb56d5e2826bb0a20
e28758883cb1afee1a7cd87f54a8afda786be43a0748a576e77151305c933f8f
GET /it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpeg
Content-Length: 56948
Connection: keep-alive
Expires: Tue, 14 Feb 2023 01:27:45 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: a7b8372bbd65c0501fe5222fbbb7a157
Age: 898087
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 01:27:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache56 [1], csix96 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56948
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
200 OK 1.3 kB URL HTTP/2 img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57242c1a3755a42e8e2c9aeaf2fb97cf
c8ad1e5b7ff69f8c27384dc72b58b057ec802990
f5c94cc47e01b8517274196d2bfba567bd872b91cf6347319a74d25f33261e78
GET /it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 1282
expires: Tue, 21 Feb 2023 02:37:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 57242c1a3755a42e8e2c9aeaf2fb97cf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:37:21 GMT
ohc-cache-hit: ntct55 [1], suzix55 [4]
ohc-file-size: 1282
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/209756.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/209756.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209756.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1843634009,3870150390&fm=253&app=120&f=JPEG?w=1422&h=800
img1.baidu.com/it/u=4006431708,1076776729&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1240
200 OK 61 kB URL HTTP/1.1 img1.baidu.com/it/u=4006431708,1076776729&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1240
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1dde8c4046d3aff5d0148ddd7404542a
ef1c933cfaede9178ef7aeac7ed5ab776e12ead9
b36eef80f0135db1cca68c959ca2bcbabb41e4390d634ec6e3149ae6f543e8fd
GET /it/u=4006431708,1076776729&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1240 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/webp
Content-Length: 61380
Connection: keep-alive
Expires: Thu, 16 Feb 2023 15:02:01 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1dde8c4046d3aff5d0148ddd7404542a
Age: 542047
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 15:02:01 GMT
Ohc-Cache-HIT: ntct59 [4], czix234 [4]
Ohc-File-Size: 61380
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/644653.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/644653.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/644653.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1368594584,864307569&fm=224&app=112&f=JPEG?w=500&h=499
t13.baidu.com/it/u=1368594584,864307569&fm=224&app=112&f=JPEG?w=500&h=499
200 OK 11 kB URL HTTP/1.1 t13.baidu.com/it/u=1368594584,864307569&fm=224&app=112&f=JPEG?w=500&h=499
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x499, components 3\012- data
Hash 4ffc626ae08a23fa5b3ab08591932669
aabf118f88c40610ff0fd376d4cb1d7b4587a161
ff7378a876a408dd43183d5d7d5eab94cc67df84215a6384ae3f09d85ef3a442
GET /it/u=1368594584,864307569&fm=224&app=112&f=JPEG?w=500&h=499 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:53 GMT
Content-Type: image/jpeg
Content-Length: 11217
Connection: keep-alive
Expires: Mon, 06 Feb 2023 21:04:38 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 4ffc626ae08a23fa5b3ab08591932669
Age: 1172884
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 21:04:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache57 [1], wzix101 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 11217
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2936475958,3135881006&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=370
200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=2936475958,3135881006&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=370
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 580x370, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 42e6c27ec95222584a4676b9f707e179
f5f235e7acffce797a24c4abbae55a6acea76a4c
d01837348fd54d1c1f36b00c166a77e07e10d0baf1ca6b15c2986a1e4bbdb0d1
GET /it/u=2936475958,3135881006&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=370 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:52 GMT
content-type: image/webp
content-length: 30018
expires: Wed, 22 Feb 2023 04:37:38 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 42e6c27ec95222584a4676b9f707e179
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 04:37:38 GMT
ohc-cache-hit: cd6ct80 [1], czix230 [2]
ohc-file-size: 30018
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/moban/images/footer_line.png
200 OK 9.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/images/footer_line.png
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1396)
Hash 7c06326829125cbb34ee707e1eeb216e
bc7b00b9e3b9d4312ed8724720685cc26acbb92a
303d460465ffd8389ed0926e6d0983c5a10237744660fc3390acd4d880be75e6
GET /template/company/moban/images/footer_line.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img0.baidu.com/it/u=1843634009,3870150390&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 140 kB URL HTTP/1.1 img0.baidu.com/it/u=1843634009,3870150390&fm=253&app=120&f=JPEG?w=1422&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 140 kB (139537 bytes)
Hash 42d021d7f45e5292b84864f970b21a24
3cf03b1ca99e1536e7d785555ac084e97c76b290
c75fe0e024d2be19b7b655cced42ca2d8a7f3a9622ca7b2d7476a4349c24320c
GET /it/u=1843634009,3870150390&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:53 GMT
Content-Type: image/jpeg
Content-Length: 139537
Connection: keep-alive
Expires: Wed, 01 Feb 2023 17:44:05 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 42d021d7f45e5292b84864f970b21a24
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 17:44:05 GMT
Ohc-Cache-HIT: wh4ct67 [2], qdix139 [4]
Ohc-File-Size: 139537
X-Cache-Status: MISS
12803.url.tudown.com/template/company/moban/index_files/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/favicon.ico
IP
ASN #137951 Clayer Limited
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 82255b6cc962e6ae6e19b381abacce63
89a73ff1e607fd4dfb5a4fc3d6e1d0d1ec4a2e8e
d7358a12adcb1b04c97af316d799cb4f4d807fe2901e8e162b5d101d4ac9d2d3
GET /template/company/moban/index_files/favicon.ico HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E7%83%AD%E8%A1%80%E9%95%BF%E5%AE%89%E7%AC%AC%E4%BA%8C%E5%AD%A3@402_2.exe
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1674644148
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:53 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 31 Oct 2022 09:44:24 GMT
Connection: keep-alive
ETag: "635f98f8-47e"
Accept-Ranges: bytes
154.218.151.71
104.18.20.226
95.101.11.115
34.160.144.191
182.61.240.101