Report - 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134

Report Overview

Submitted URL
12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
IP
154.218.151.71
ASN
#137951 Clayer Limited
Submitted
2023-02-04 15:55:46
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.160.45.85
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	60 kB	34.120.237.76
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	290 B	750 B	180.101.212.103
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.9 kB	104.18.20.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	380 B	114 B	39.156.68.163
s.360.cn	19814	2012-07-10T18:01:51Z	2023-03-13T09:22:08Z	475 B	238 B	101.198.2.147
t13.baidu.com	32653	2021-01-09T14:57:25Z	2023-03-12T11:23:14Z	2.1 kB	222 kB	185.10.104.124
t14.baidu.com	32559	2021-01-22T21:20:42Z	2023-03-12T11:23:14Z	1.8 kB	182 kB	185.10.104.124
t15.baidu.com	33050	2021-01-09T17:16:17Z	2023-03-12T11:23:14Z	1.1 kB	180 kB	185.10.104.124
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.76.226
12931.url.tudown.com	unknown	2019-02-26T05:30:18Z	2023-03-02T09:19:42Z	32 kB	263 kB	154.218.151.71
jspassport.ssl.qhimg.com	82940	2015-06-19T09:16:50Z	2023-03-13T05:33:17Z	406 B	492 B	54.230.111.58
img0.baidu.com	50126	2021-03-25T13:17:59Z	2023-03-12T11:23:13Z	9.5 kB	613 kB	125.74.42.35
img2.baidu.com	50786	2021-03-25T13:17:58Z	2023-03-12T11:23:13Z	5.6 kB	540 kB	125.74.42.35
s.ssl.qhres2.com	89936	2021-10-26T00:09:20Z	2023-03-13T05:33:18Z	379 B	1.1 kB	54.230.111.4
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	1.2 kB	12 kB	103.235.46.191
img1.baidu.com	50158	2021-03-25T13:17:58Z	2023-03-12T11:23:15Z	4.0 kB	512 kB	125.64.104.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
ocsp.crlocsp.cn	175388	2020-04-10T16:39:04Z	2023-03-13T08:27:27Z	339 B	872 B	101.198.193.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	Malware
2023-02-04	medium	12931.url.tudown.com/js/orsxg5a.script	Malware
2023-02-04	medium	12931.url.tudown.com/template/company/955yx/js/searchword.js	Malware
2023-02-04	medium	12931.url.tudown.com/template/company/955yx/js/week_rank.js	Malware
2023-02-04	medium	12931.url.tudown.com/template/company/955yx/js/script_index2.js	Malware
2023-02-04	medium	12931.url.tudown.com/template/company/955yx/js/api.js	Malware
2023-02-04	medium	12931.url.tudown.com/template/company/955yx/js/gb.js	Malware
2023-02-04	medium	12931.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js	Malware
2023-02-04	medium	12931.url.tudown.com/static/api/http://12931.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465422	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	12931.url.tudown.com/template/company/955yx/js/searchword.js	4.0 kB	2023-03-12	2023-10-24
Pretty URL 12931.url.tudown.com/template/company/955yx/js/searchword.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:08:24 Last Seen2023-10-24 19:35:40 Times Seen307 Hash 8d60e9d0d1342c3a48b2d0419c24bd20 b17fe5fe02c4ea6f70f5992dfe6e349cb706a878 16a18537cbf03e45953477c8fe12b6690a799f15575dffbdfcb6dae3a84df77c Loading...

	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	377 B	2023-03-12	2023-04-09
Pretty URL 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:49:39 Last Seen2023-04-09 08:27:31 Times Seen6 Hash 240ffa374a14dbd2fa7d653506e0e3f6 748abd62530b6340b1d838e03d575bb98c4ee81f 849913369482631b3974745f28730b45e746c3f58d244fa36b6381c2e537dac1 Loading...

	s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js	478 B	2023-03-07	2024-04-25
Pretty URL s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js IP 54.230.111.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:56 Last Seen2024-04-25 10:56:19 Times Seen2401 Hash 5dd27f8f2b042194c3cdabd62fd80110 c035036a939799d4c29b9c0f7229ae1953d03109 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a Loading...

	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	254 B	2023-03-09	2023-12-23
Pretty URL 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:02:19 Last Seen2023-12-23 16:26:58 Times Seen1789 Hash c86ce41b80900dd60765c9dddb425e66 29681365731cf7d3bbaf1cf9d121090ef34624a5 a7d6678bd92dd9f38310914883d14c408d73826eeccbe32b7cdaf9f77c6c589b Loading...

	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	203 B	2023-03-12	2023-04-22
Pretty URL 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:37 Last Seen2023-04-22 04:15:56 Times Seen299 Hash 07cb696e67abd7114f27a401542b9e41 41736483962044cfacf98bd0e52ce48580c6defa 7e9f0a1f73de7e28f37bcfc500a10ae14c245a16020b85741de2960504dfda7a Loading...

	jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba	106 B	2023-03-07	2024-04-25
Pretty URL jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba IP 54.230.111.58 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:56 Last Seen2024-04-25 10:56:17 Times Seen1003 Hash fdffada99a6e326385c9d6d22006b6c8 f69101fdeeb5282659ebffa17ec82e89a0cd09f9 c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955 Loading...

	12931.url.tudown.com/template/company/955yx/js/gb.js	30 kB	2023-03-12	2023-10-24
Pretty URL 12931.url.tudown.com/template/company/955yx/js/gb.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:08:24 Last Seen2023-10-24 19:35:40 Times Seen304 Hash 13a2674dadfca44c2045c95326bc0e58 c1acd63f4ee088f4dee816891bd3d1755fc43e05 77c2b039e831224c4e2aa191faf12f9bd5129afb255a000aae27a32a45c4fa1a Loading...

	12931.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js	105 kB	2023-03-12	2023-10-24
Pretty URL 12931.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:08:24 Last Seen2023-10-24 19:35:40 Times Seen351 Hash 8863bdd7f7fe5848592bff2c09143e1a 331f37f2aed6810d21e2228c8a09f27295edc421 940897dee05b029e9f2611c314893ee723ee8d35bbc804a622f9e4b2818a22f3 Loading...

	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	445 B	2023-03-12	2023-04-22
Pretty URL 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:37 Last Seen2023-04-22 04:15:56 Times Seen299 Hash 476e614f8d9af463d70e19ebf88cc8e0 83f4e5da14fff7db70591ddb05f2996789ee7994 e14aa0a7deb62b9689555813981f859299e8c5f98ddbc2b310d67349c1fd952f Loading...

	12931.url.tudown.com/template/company/955yx/js/api.js	22 B	2023-03-12	2023-10-24
Pretty URL 12931.url.tudown.com/template/company/955yx/js/api.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:08:24 Last Seen2023-10-24 19:35:40 Times Seen308 Hash 143a35d673d243f56603ac04a89d8099 677acddc2a341ec711d74ecfd05bb919208c23df ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f Loading...

	hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:52:05 Last Seen2023-03-13 16:52:05 Times Seen1 Hash 6ee5b868ceab567d9b5cbd5ee1031a81 49c8de66b520def44e13953e453712861ab38a7e 299c926eb8d8c62bb07bac4db20766514c0d10f0d96a079f655fd0ab707d36ed Loading...

	12931.url.tudown.com/js/orsxg5a.script	944 B	2023-03-12	2023-03-18
Pretty URL 12931.url.tudown.com/js/orsxg5a.script IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:02:34 Last Seen2023-03-18 07:38:54 Times Seen1 Hash 115782a87f98ee819affba9c5fc37d4e e3e7eb2067add7793da4221acd4edc9776600c41 54f9e7c3cf8bb6599a306d4cf9a19259071fc3dab0865d538c8e03335889194b Loading...

	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	802 B	2023-03-12	2023-04-22
Pretty URL 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:37 Last Seen2023-04-22 04:15:56 Times Seen299 Hash 41f8b24f3016e2bcd2a6a26c37b52f4c c0dbe5916484ea885d98b22841fe588ccd68628c 4826cbcbccd6e2f40a5fc3796599858ecd6341333394e8fad48f7fe87de052d9 Loading...

	12931.url.tudown.com/template/company/955yx/js/week_rank.js	656 B	2023-03-12	2023-04-22
Pretty URL 12931.url.tudown.com/template/company/955yx/js/week_rank.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:37 Last Seen2023-04-22 04:15:56 Times Seen301 Hash 00ac918b54dd742e0ec507274205038a 6a2976eb86376f33eb4f7b587f71296f07940da5 11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9 Loading...

	12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe	1.2 kB	2023-03-12	2023-04-05
Pretty URL 12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:37 Last Seen2023-04-05 01:37:11 Times Seen255 Hash dc87b0eb21fac25bd39cdf6ca3d6cec3 e8e46baa12a25ee3eb51b96364d7fc8ccdc01f4f 3d202add2284bb510f8d1415e2b50985d330b29b948610483eb7f0e92b16ceae Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-25
Pretty URL push.zhanzhang.baidu.com/push.js IP 180.101.212.103 ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 10:56:53 Times Seen18996 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9104ef1ddb84ab257a9e746454b00ff8	310 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 14:02:34 Last Seen2023-03-18 07:38:54 Times Seen1 Hash 9104ef1ddb84ab257a9e746454b00ff8 abbc574006d442cf8207f6547e94799ac4aa2aaf 08cfa2671ab17fd81b2902c4c81aa0924c009028f346513b84a77417ae47d036 Loading...

	#2 Write - f04a989cc6934d966005f208d8a76486	109 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:24:56 Last Seen2024-04-21 21:29:48 Times Seen831 Hash f04a989cc6934d966005f208d8a76486 01706cd8417e937eeb6f353c8fcf3fbfd73b9c33 405d1b31aee0ca88643371e6ae67d3f53bebb2a2ba8ebc69cf7449f788a2d04c Loading...

	#3 Write - 87092ed67515a683295f7ec956ddd5d1	88 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:24:56 Last Seen2024-04-21 21:29:48 Times Seen913 Hash 87092ed67515a683295f7ec956ddd5d1 06020f6c6f95424c00eba0bb9a5d8c544116c668 1c78737754efd40c05f7c5d9cb5ea93256f0d10f0cd935eae2e4208c7f9464d6 Loading...

	#4 Write - 74312d9fd3d0d77a65b4edf6f7a9d543	169 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 12:43:11 Last Seen2024-04-24 09:12:37 Times Seen2524 Hash 74312d9fd3d0d77a65b4edf6f7a9d543 f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6 e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08 Loading...

HTTP Transactions (163)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5273
Expires: Sat, 04 Feb 2023 17:23:28 GMT
Date: Sat, 04 Feb 2023 15:55:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14035
Expires: Sat, 04 Feb 2023 19:49:30 GMT
Date: Sat, 04 Feb 2023 15:55:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 15:43:38 GMT
content-type: application/json
age: 717
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12861
Expires: Sat, 04 Feb 2023 19:29:56 GMT
Date: Sat, 04 Feb 2023 15:55:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: M4dxy4YcOX1BzAY1odQT0HyCIXMsSHfKynEgDK1gGMkrgVMzvnF9Jevnn+abnjMZu980LkMgznVaiLRvPdViPA==
x-amz-request-id: N6DDCJ614S60W59Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 15:24:04 GMT
age: 1891
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 15:55:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 15:07:19 GMT
age: 2897
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2275
Expires: Sat, 04 Feb 2023 16:33:31 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive

12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe

154.218.151.71

200 OK

8.5 kB

URL HTTP/1.1
12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Size
8.5 kB (8538 bytes)
Hash
0347935da47a21fcea94479ed0664a81
9e8403ebd05ca7dc3584540e15b8a963d3bb2c13
0ef978f2b0b4bfbb0ef5ad61e396170e35c2b265d2ae201ea19595216d134c5d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=1861d1cf31c694962b4207
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

35.160.45.85

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.45.85:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yuL98YuoPrkYB7ccTOW5QA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oJhc8DjYjH/CQv2Kxc88VtaUkPw=

12931.url.tudown.com/js/orsxg5a.script

154.218.151.71

200 OK

531 B

URL HTTP/1.1
12931.url.tudown.com/js/orsxg5a.script
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document, ASCII text, with CRLF line terminators
Size
531 B (531 bytes)
Hash
39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/orsxg5a.script HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

12931.url.tudown.com/template/company/955yx/css/gb.css

154.218.151.71

200 OK

47 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/css/gb.css
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Size
47 kB (47262 bytes)
Hash
50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135

HTTP Headers

GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:36 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Sun, 05 Feb 2023 03:55:36 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12931.url.tudown.com/template/company/955yx/js/searchword.js

154.218.151.71

200 OK

1.3 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/js/searchword.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1287 bytes)
Hash
95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12931.url.tudown.com/template/company/955yx/js/week_rank.js

154.218.151.71

200 OK

656 B

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/js/week_rank.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
ASCII text, with CRLF line terminators
Size
656 B (656 bytes)
Hash
00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

12931.url.tudown.com/template/company/955yx/js/script_index2.js

154.218.151.71

200 OK

2.3 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/js/script_index2.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
ISO-8859 text, with CRLF line terminators
Size
2.3 kB (2263 bytes)
Hash
e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12931.url.tudown.com/template/company/955yx/js/api.js

154.218.151.71

200 OK

22 B

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/js/api.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
ASCII text, with CRLF line terminators
Size
22 B (22 bytes)
Hash
143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

12931.url.tudown.com/template/company/955yx/js/gb.js

154.218.151.71

200 OK

7.7 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/js/gb.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
7.7 kB (7698 bytes)
Hash
2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12931.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js

154.218.151.71

200 OK

41 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
ASCII text, with very long lines (65483)
Size
41 kB (40969 bytes)
Hash
aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21038
Expires: Sat, 04 Feb 2023 21:46:15 GMT
Date: Sat, 04 Feb 2023 15:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19713
Expires: Sat, 04 Feb 2023 21:24:10 GMT
Date: Sat, 04 Feb 2023 15:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19713
Expires: Sat, 04 Feb 2023 21:24:10 GMT
Date: Sat, 04 Feb 2023 15:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19713
Expires: Sat, 04 Feb 2023 21:24:10 GMT
Date: Sat, 04 Feb 2023 15:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19713
Expires: Sat, 04 Feb 2023 21:24:10 GMT
Date: Sat, 04 Feb 2023 15:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19713
Expires: Sat, 04 Feb 2023 21:24:10 GMT
Date: Sat, 04 Feb 2023 15:55:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 63904
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9141 bytes)
Hash
f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 63727
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 63916
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 63905
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9349 bytes)
Hash
4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 56094
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 65253
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

12931.url.tudown.com/static/api/http://12931.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465422

154.218.151.71

404 Not Found

146 B

URL HTTP/1.1
12931.url.tudown.com/static/api/http://12931.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465422
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /static/api/http://12931.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465422 HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

12931.url.tudown.com/uploads/images/613997.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/613997.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/613997.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2885283128,899350702&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170

12931.url.tudown.com/uploads/images/769889.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/769889.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/769889.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2122931362,465787482&fm=253&fmt=auto&app=120&f=JPEG?w=400&h=400

12931.url.tudown.com/template/company/955yx/images/home.png

154.218.151.71

200 OK

1.3 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/images/home.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1270 bytes)
Hash
302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2

HTTP Headers

GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/template/company/955yx/css/gb.css
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes

12931.url.tudown.com/uploads/images/885230.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/885230.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/885230.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=775835733,433013180&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/563177.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/563177.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/563177.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499

12931.url.tudown.com/uploads/images/26002.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/26002.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/26002.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1496123987,2661962405&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224

12931.url.tudown.com/uploads/images/954850.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/954850.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/954850.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

12931.url.tudown.com/uploads/images/626865.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/626865.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/626865.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1770764717,1064998531&fm=253&fmt=auto&app=138&f=JPEG?w=501&h=500

12931.url.tudown.com/uploads/images/746741.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/746741.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/746741.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1408659075,2347218015&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=201

12931.url.tudown.com/uploads/images/874439.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/874439.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/874439.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=551660493,979160127&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889

12931.url.tudown.com/uploads/images/122944.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/122944.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/122944.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/47661.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/47661.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/47661.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2602722561,1421725466&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

push.zhanzhang.baidu.com/push.js

180.101.212.103

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 15:55:38 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 15:55:38 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=EBD3AAF6C0A910900885360B7EC898CF:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 15:55:38 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
81f5c123f4a83e821e1e2f7c4101a7bf
650933ff62323a28072863389d558e213041f68a
5a56d766b7901444e0da4d430348ca3f0ddae9cf26f9bb4f41266c36750572d7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 12:17:24 GMT
ETag: "650933ff62323a28072863389d558e213041f68a"
Last-Modified: Sat, 04 Feb 2023 12:17:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7944977e6d02b521-OSL

12931.url.tudown.com/template/company/955yx/images/litterstar.png

154.218.151.71

200 OK

1.7 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/images/litterstar.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1706 bytes)
Hash
d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b

HTTP Headers

GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/template/company/955yx/css/gb.css
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes

12931.url.tudown.com/uploads/images/609533.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/609533.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/609533.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4145886606,1382989624&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500

12931.url.tudown.com/uploads/images/533227.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/533227.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/533227.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1274908658,1713950003&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/322644.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/322644.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/322644.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=228495488,3907876275&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500

12931.url.tudown.com/uploads/images/625103.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/625103.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/625103.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=893979314,60350366&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500

12931.url.tudown.com/template/company/955yx/images/bgs.png

154.218.151.71

200 OK

101 kB

URL HTTP/1.1
12931.url.tudown.com/template/company/955yx/images/bgs.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size
101 kB (101362 bytes)
Hash
1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9

HTTP Headers

GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/template/company/955yx/css/gb.css
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes

12931.url.tudown.com/uploads/images/227082.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/227082.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/227082.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1311957819,2512572683&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

12931.url.tudown.com/uploads/images/707785.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/707785.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/707785.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=944806952,3984221054&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=711

12931.url.tudown.com/uploads/images/69369.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/69369.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/69369.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=95212082,672529190&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=500

12931.url.tudown.com/uploads/images/344230.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/344230.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/344230.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1082996496,623551424&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/28823.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/28823.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/28823.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092

ocsp.crlocsp.cn/

101.198.193.5

200 OK

472 B

URL HTTP/1.1
ocsp.crlocsp.cn/
IP
101.198.193.5:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
data
Size
472 B (472 bytes)
Hash
0d324131dca4960e6e81b522efd00a68
b8d5934359a12f1585f7f6025e3e252c915b6e83
ca1c02c77c4e94efd7846bed454d839b407056477c43f7dca8b1d219d3b8a1b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Sat, 04 Feb 2023 15:54:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Sat, 04 Feb 2023 07:32:09 GMT
Expires: Sat, 11 Feb 2023 07:32:08 GMT
ETag: "B8D5934359A12F1585F7F6025E3E252C915B6E83"
cache-control: max-age=172800,public,no-transform,must-revalidate

s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js

54.230.111.4

200 OK

478 B

URL HTTP/2
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP
54.230.111.4:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (478), with no line terminators
Size
478 B (478 bytes)
Hash
5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

HTTP Headers

GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12931.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Fri, 06 Jan 2023 02:40:18 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Mon, 03 Jan 2033 02:40:18 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q0CQVcuHyqvLCll8ivKBCbC8OzZ6D4KORYajbhRMkKaxI4_eOPYa5A==
age: 2553321
X-Firefox-Spdy: h2

12931.url.tudown.com/uploads/images/137086.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/137086.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/137086.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1867987343,3008850380&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500

api.share.baidu.com/s.gif?l=http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe

39.156.68.163

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
IP
39.156.68.163:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 15:55:39 GMT

12931.url.tudown.com/uploads/images/632474.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/632474.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/632474.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3124816760,490579788&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/397329.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/397329.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/397329.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500

12931.url.tudown.com/uploads/images/909419.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/909419.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/909419.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3830720015,3772898188&fm=253&fmt=auto?w=1422&h=800

12931.url.tudown.com/uploads/images/446629.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/446629.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/446629.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=162976163,2845049117&fm=253&fmt=auto&app=138&f=PNG?w=500&h=676

12931.url.tudown.com/uploads/images/729740.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/729740.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/729740.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2695204531,2698869799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/941478.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/941478.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/941478.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2428433112,1248005970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749

12931.url.tudown.com/uploads/images/286300.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/286300.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/286300.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2423740803,4005398423&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/235094.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/235094.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/235094.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268

12931.url.tudown.com/uploads/images/31657.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/31657.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/31657.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1504889317,3226780132&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313

12931.url.tudown.com/uploads/images/71103.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/71103.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/71103.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750

12931.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675526175423

154.218.151.71

200 OK

8.6 kB

URL HTTP/1.1
12931.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675526175423
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Size
8.6 kB (8557 bytes)
Hash
043696cd4535f3fff178dc807f825f11
b0f16ddf7f906b5e3f164f27b6dfe867f85b3db8
3bce207a2473d7632fced2ab0290ef015ee471fd965662bc400f89192bbd92cf

HTTP Headers

GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675526175423 HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

s.360.cn/so/zz.gif?url=http%3A%2F%2F12931.url.tudown.com%2Fdown%2Fberrybox%25E4%25B8%258B%25E8%25BD%25BD%40134_2582.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b238f5228_542351f@2DdBb%

101.198.2.147

200 OK

0 B

URL HTTP/1.1
s.360.cn/so/zz.gif?url=http%3A%2F%2F12931.url.tudown.com%2Fdown%2Fberrybox%25E4%25B8%258B%25E8%25BD%25BD%40134_2582.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b238f5228_542351f@2DdBb%
IP
101.198.2.147:0
ASN
#23724 IDC, China Telecommunications Corporation

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /so/zz.gif?url=http%3A%2F%2F12931.url.tudown.com%2Fdown%2Fberrybox%25E4%25B8%258B%25E8%25BD%25BD%40134_2582.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b238f5228_542351f@2DdBb% HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/

HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 31 May 2022 08:31:45 GMT
Connection: keep-alive
ETag: "6295d271-0"
Accept-Ranges: bytes

t13.baidu.com/it/u=775835733,433013180&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

45 kB

URL HTTP/1.1
t13.baidu.com/it/u=775835733,433013180&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
45 kB (44965 bytes)
Hash
29d1dedbb6bfa07d6c63140a9afb2b76
78b12eb90ef1ddedf72e130a7aba16c9a4736f5b
9fea958ac8354e264d3bec59882c610f5e5f9f9eca167c15fcf6b14ab879bef7

HTTP Headers

GET /it/u=775835733,433013180&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 44965
Connection: keep-alive
Expires: Fri, 17 Feb 2023 15:30:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 29d1dedbb6bfa07d6c63140a9afb2b76
Age: 1430311
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 15:30:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache64 [1], bdix140 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44965
X-Cache-Status: HIT
Timing-Allow-Origin: *

hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (633)
Size
11 kB (11271 bytes)
Hash
99b9073ee4cb1cc83ccdbd5783846698
8e64914898ff209bcaba81a3f480bf4c1bb1c15b
d302a08fe67ed59aa57a11ae51a468d4c0e418506e898bea9af8b32b2bc4aa21

HTTP Headers

GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12931.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 15:55:39 GMT
Etag: 6f853986f261897c8914754c8d3f0498
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4854D1CC258FA16E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

t13.baidu.com/it/u=2423740803,4005398423&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

27 kB

URL HTTP/1.1
t13.baidu.com/it/u=2423740803,4005398423&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
27 kB (26833 bytes)
Hash
4c528e55e50bbdc0fa9fba29808c8521
3f8bdd64d3733be1aac5fc201bd4b18b77ef5030
29affc6fe60b169806acb5b1e5f8537925812a4cf67e400accc5a757a8a7bb43

HTTP Headers

GET /it/u=2423740803,4005398423&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 26833
Connection: keep-alive
Expires: Wed, 15 Feb 2023 00:19:18 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4c528e55e50bbdc0fa9fba29808c8521
Age: 384405
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 00:19:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache57 [1], czix153 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 26833
X-Cache-Status: HIT
Timing-Allow-Origin: *

t13.baidu.com/it/u=3124816760,490579788&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

42 kB

URL HTTP/1.1
t13.baidu.com/it/u=3124816760,490579788&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
42 kB (42119 bytes)
Hash
14dde8f17a41f2eb82998d99fc16ac2b
e4d8ea2fda6af65f3a172ff3a00876eac00e00a2
ea11d5a1876db05e5732cc14af08de04515c3f0ddcb63d40ae9f80b8bb59be31

HTTP Headers

GET /it/u=3124816760,490579788&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 42119
Connection: keep-alive
Expires: Sat, 18 Feb 2023 12:20:12 GMT
Last-Modified: Sun, 18 Jan 1970 00:00:00 GMT
ETag: 14dde8f17a41f2eb82998d99fc16ac2b
Age: 19284
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 12:20:12 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache64 [1], suzix96 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42119
X-Cache-Status: HIT
Timing-Allow-Origin: *

12931.url.tudown.com/api.php?op=digg&action=show&id=23038

154.218.151.71

404 Not Found

146 B

URL HTTP/1.1
12931.url.tudown.com/api.php?op=digg&action=show&id=23038
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

12931.url.tudown.com/uploads/images/209979.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/209979.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/209979.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3842301589,2661641299&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200

12931.url.tudown.com/uploads/images/273628.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/273628.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/273628.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=814922709,807715786&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/893264.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/893264.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/893264.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500

img0.baidu.com/it/u=2885283128,899350702&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170

125.74.42.35

200 OK

6.7 kB

URL HTTP/2
img0.baidu.com/it/u=2885283128,899350702&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.7 kB (6744 bytes)
Hash
11da4663bf208bd1a6256dcd8363b343
637cfb1224506be8a0d931a8c328370d18c2d47c
ad5b3be30da010bae4bf120d8ff1c5266c585ad4bf6cf7008bf5b01144396a42

HTTP Headers

GET /it/u=2885283128,899350702&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 6744
expires: Fri, 17 Feb 2023 06:53:52 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 11da4663bf208bd1a6256dcd8363b343
age: 385027
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:53:52 GMT
ohc-cache-hit: lz3ct72 [4], qdix227 [2]
ohc-file-size: 6744
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=1311957819,2512572683&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

125.74.42.35

200 OK

18 kB

URL HTTP/2
img0.baidu.com/it/u=1311957819,2512572683&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18538 bytes)
Hash
0972bc41e7105ea76487b66875289ca1
e6af8771bc789d73c2e4301c4dc948a7b38a0e2a
e71a1ebedea6b9ef20f569101d0e7c589ea4caf1f57f2597e974abf6a93cb013

HTTP Headers

GET /it/u=1311957819,2512572683&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 18538
expires: Wed, 01 Mar 2023 17:24:14 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 0972bc41e7105ea76487b66875289ca1
age: 39697
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 17:24:14 GMT
ohc-cache-hit: lz3ct70 [4], bdix113 [2]
ohc-file-size: 18538
x-cache-status: HIT
X-Firefox-Spdy: h2

t13.baidu.com/it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

38 kB

URL HTTP/1.1
t13.baidu.com/it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
38 kB (37504 bytes)
Hash
d71dd77c0ee5283dd2b6d3e0abcb2733
b0598779f0411b78862ec221c8287921ddb4ed63
cfad2f8b1f15679f5516dd4551e7d00b2c8c5e363cfaa5b66f5ab92cc8928471

HTTP Headers

GET /it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 37504
Connection: keep-alive
Expires: Mon, 20 Feb 2023 02:31:32 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: d71dd77c0ee5283dd2b6d3e0abcb2733
Age: 1200388
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 02:31:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache57 [4], xaix199 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37504
X-Cache-Status: HIT
Timing-Allow-Origin: *

12931.url.tudown.com/uploads/images/159884.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/159884.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/159884.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3923600217,797260628&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/486751.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/486751.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/486751.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1516083702,1859252157&fm=253&fmt=auto&app=138&f=JPEG?w=352&h=500

12931.url.tudown.com/uploads/images/330647.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/330647.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/330647.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3342466840,256674776&fm=224&app=112&f=JPEG?w=350&h=350

t14.baidu.com/it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092

185.10.104.124

200 OK

31 kB

URL HTTP/1.1
t14.baidu.com/it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
31 kB (30795 bytes)
Hash
77cb6e76f076d6822a34a33ae7fcbdfd
926b7542b36a5360abf11b34fd2d6f91fa269447
eecc9c2930db8cc9645962e1c15f0212083fe81b45020307647bd7b800429f1e

HTTP Headers

GET /it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 30795
Connection: keep-alive
Expires: Thu, 02 Mar 2023 04:14:24 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 77cb6e76f076d6822a34a33ae7fcbdfd
Age: 218183
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 04:14:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache60 [4], xiangyix181 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30795
X-Cache-Status: HIT
Timing-Allow-Origin: *

t14.baidu.com/it/u=1082996496,623551424&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

48 kB

URL HTTP/1.1
t14.baidu.com/it/u=1082996496,623551424&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
48 kB (48130 bytes)
Hash
892a20155f74938a4445948e5f6673bf
6bab76ec81b9fd07c5633ee5a4c742efe0de6aff
2014a5cd3c95361628953dfda18426494dadfe66e016ef91b4a98a9b5aa5c381

HTTP Headers

GET /it/u=1082996496,623551424&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 48130
Connection: keep-alive
Expires: Mon, 27 Feb 2023 05:17:38 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 892a20155f74938a4445948e5f6673bf
Age: 567406
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 05:17:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache56 [4], suzix76 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48130
X-Cache-Status: HIT
Timing-Allow-Origin: *

t13.baidu.com/it/u=3342466840,256674776&fm=224&app=112&f=JPEG?w=350&h=350

185.10.104.124

200 OK

23 kB

URL HTTP/1.1
t13.baidu.com/it/u=3342466840,256674776&fm=224&app=112&f=JPEG?w=350&h=350
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Size
23 kB (22705 bytes)
Hash
4cdd33ed3aba703f2b43e143e2fe0e4b
70afd9e7c470743d076969dc172e2949a5d48b47
f15f344e93ad01121459827964d550bc4a2f4b3bdb0ebd30695a5033cfc86523

HTTP Headers

GET /it/u=3342466840,256674776&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 22705
Connection: keep-alive
Expires: Mon, 06 Mar 2023 08:07:32 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4cdd33ed3aba703f2b43e143e2fe0e4b
Age: 28088
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 08:07:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache50 [1], xaix167 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 22705
X-Cache-Status: HIT
Timing-Allow-Origin: *

t14.baidu.com/it/u=1274908658,1713950003&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

54 kB

URL HTTP/1.1
t14.baidu.com/it/u=1274908658,1713950003&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
54 kB (53760 bytes)
Hash
7b582358165a4dc2e1c67ade560cca0a
18a6bd1c0b6a115b36614108916edb6782d52480
56dbf16da61e7ff3775d1d176a41c737fb6d22d78f43bcece10dbb205b43c062

HTTP Headers

GET /it/u=1274908658,1713950003&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 53760
Connection: keep-alive
Expires: Sat, 18 Feb 2023 02:26:54 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 7b582358165a4dc2e1c67ade560cca0a
Age: 1430926
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 02:26:53 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache53 [2], suzix155 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53760
X-Cache-Status: HIT
Timing-Allow-Origin: *

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1276629804&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1152&u=http%3A%2F%2F12931.url.tudown.com%2Fdown%2Fberrybox%25E4%25B8%258B%25E8%25BD%25BD%40134_2582.exe&tt=ag%E4%BA%9A%E6%B4%B2%E4%B9%9D%E6%B8%B8%E4%BC%9A%E7%99%BB%E5%8F%A3-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1276629804&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1152&u=http%3A%2F%2F12931.url.tudown.com%2Fdown%2Fberrybox%25E4%25B8%258B%25E8%25BD%25BD%40134_2582.exe&tt=ag%E4%BA%9A%E6%B4%B2%E4%B9%9D%E6%B8%B8%E4%BC%9A%E7%99%BB%E5%8F%A3-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1276629804&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1152&u=http%3A%2F%2F12931.url.tudown.com%2Fdown%2Fberrybox%25E4%25B8%258B%25E8%25BD%25BD%40134_2582.exe&tt=ag%E4%BA%9A%E6%B4%B2%E4%B9%9D%E6%B8%B8%E4%BC%9A%E7%99%BB%E5%8F%A3-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12931.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 15:55:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=67EE6B79153D369F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img0.baidu.com/it/u=944806952,3984221054&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=711

125.74.42.35

200 OK

7.7 kB

URL HTTP/2
img0.baidu.com/it/u=944806952,3984221054&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=711
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x711, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.7 kB (7732 bytes)
Hash
39890b931b08e68dd38902151c691d1c
7773c6ad3eec270e8f01b7a66bd31260e306e9ff
883e478210ba67d0cba857ab98b0b393cb277f00b74f7aa2e09a2f26c9432dcc

HTTP Headers

GET /it/u=944806952,3984221054&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=711 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 7732
expires: Sun, 19 Feb 2023 12:46:40 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 39890b931b08e68dd38902151c691d1c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 12:46:40 GMT
ohc-cache-hit: lz3ct77 [1], czix67 [4]
ohc-file-size: 7732
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=1770764717,1064998531&fm=253&fmt=auto&app=138&f=JPEG?w=501&h=500

125.74.42.35

200 OK

22 kB

URL HTTP/2
img0.baidu.com/it/u=1770764717,1064998531&fm=253&fmt=auto&app=138&f=JPEG?w=501&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 501x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
22 kB (21752 bytes)
Hash
759eae4c1dc268434acd35f736a93bd8
79da698b8dc2deb74dbeef35af3442c5679eae3b
89e1442b8cc6c1ca61774870e73254438973f065c8bf6cca03c94879aafd9501

HTTP Headers

GET /it/u=1770764717,1064998531&fm=253&fmt=auto&app=138&f=JPEG?w=501&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 21752
expires: Mon, 20 Feb 2023 10:51:53 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 759eae4c1dc268434acd35f736a93bd8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 10:51:53 GMT
ohc-cache-hit: lz3ct82 [1], qdix148 [4]
ohc-file-size: 21752
x-cache-status: MISS
X-Firefox-Spdy: h2

t15.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

76 kB

URL HTTP/1.1
t15.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
76 kB (75587 bytes)
Hash
3d203fedc41dfb1218e27e0669bc9a38
5d9353856de0e35cbd3b4f00aaf903fb423e0ad3
8868b22739aa8848b8534fc17f2e3da45ba552aefb77ee9adea5a32cb10bc293

HTTP Headers

GET /it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 75587
Connection: keep-alive
Expires: Tue, 28 Feb 2023 11:22:29 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 3d203fedc41dfb1218e27e0669bc9a38
Age: 394726
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 11:22:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], xauncache100 [2], xaix172 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75587
X-Cache-Status: HIT
Timing-Allow-Origin: *

12931.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16

154.218.151.71

200 OK

8.6 kB

URL HTTP/1.1
12931.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Size
8.6 kB (8581 bytes)
Hash
0d5de1f03074122bcee21e614f6d466a
afee430289736eb31272638ef13124d3a2aff046
b5107c51fef67ebeffab2c87b77a3937e8a43da1fd0f1c1b10349afae8200912

HTTP Headers

GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

12931.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16

154.218.151.71

200 OK

8.7 kB

URL HTTP/1.1
12931.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Size
8.7 kB (8659 bytes)
Hash
84771d722990312643031ebd46e8310c
a466a58331d922abd063ed8d0b9f483b59b9a4b9
77e89903ba6bb39a510b65686adf4f120e544c50f93c402cbad07b5352afffdb

HTTP Headers

GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

12931.url.tudown.com/uploads/images/817971.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/817971.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/817971.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/268650.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/268650.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/268650.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2037062839,2216091887&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749

t15.baidu.com/it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

60 kB

URL HTTP/1.1
t15.baidu.com/it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
60 kB (59535 bytes)
Hash
2782f47fec88092bea09fbd7f661e266
d9fc408a701ed4c686acd3da0da44d0128363bd6
d59791f6ebf4ba105d563144fbd681e5ec315b20eadb89919ff887a6b75f6acf

HTTP Headers

GET /it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 59535
Connection: keep-alive
Expires: Mon, 13 Feb 2023 23:51:34 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 2782f47fec88092bea09fbd7f661e266
Age: 378676
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 23:51:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache58 [1], xiangyix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59535
X-Cache-Status: HIT
Timing-Allow-Origin: *

12931.url.tudown.com/uploads/images/778317.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/778317.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/778317.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

img1.baidu.com/it/u=4145886606,1382989624&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500

125.64.104.35

200 OK

55 kB

URL HTTP/2
img1.baidu.com/it/u=4145886606,1382989624&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 950x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
55 kB (54590 bytes)
Hash
be21fc1f6a1cc6bb5f063c4c7f016528
73ded968aa95df7835cbcafab7fbc2b2141e214f
bd0fbce42a44df0a76e1fcb3fffd010b63d8884b29edfa64592afa6ab6495bcf

HTTP Headers

GET /it/u=4145886606,1382989624&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 54590
expires: Sun, 19 Feb 2023 15:56:06 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: be21fc1f6a1cc6bb5f063c4c7f016528
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 15:56:06 GMT
ohc-cache-hit: dy2ct64 [1], qdix158 [4]
ohc-file-size: 54590
x-cache-status: MISS
X-Firefox-Spdy: h2

12931.url.tudown.com/uploads/images/logo.png?n=42625znxt3s3raxjqw4ord445gy3zzm7xhuk5lpexcw6lp4d&w=250

154.218.151.71

200 OK

2.7 kB

URL HTTP/1.1
12931.url.tudown.com/uploads/images/logo.png?n=42625znxt3s3raxjqw4ord445gy3zzm7xhuk5lpexcw6lp4d&w=250
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2702 bytes)
Hash
33ce0714525543a15c522ec28bbad7dc
bec345dfbe76de3022f58cfb597274883d428434
60450c6eecf88254df3f0a6e04c0fd5b49567a0dd4a23e15e70c5e30ea6c184c

HTTP Headers

GET /uploads/images/logo.png?n=42625znxt3s3raxjqw4ord445gy3zzm7xhuk5lpexcw6lp4d&w=250 HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

img0.baidu.com/it/u=893979314,60350366&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500

125.74.42.35

200 OK

33 kB

URL HTTP/2
img0.baidu.com/it/u=893979314,60350366&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 353x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
33 kB (32980 bytes)
Hash
38e4d9cc67d0a1f962fc0dbc32a69557
f51608235503624aca01d00678514665c102a706
a509f163e51be7ea9bbf0b564aea244a19ef099067a0dfdca7a04289ddfc2447

HTTP Headers

GET /it/u=893979314,60350366&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 32980
expires: Wed, 22 Feb 2023 02:14:39 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 38e4d9cc67d0a1f962fc0dbc32a69557
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:14:39 GMT
ohc-cache-hit: lz3ct53 [1], bdix153 [4]
ohc-file-size: 32980
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=3842301589,2661641299&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200

125.74.42.35

200 OK

8.5 kB

URL HTTP/2
img0.baidu.com/it/u=3842301589,2661641299&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.5 kB (8548 bytes)
Hash
c29fc805e3d9177002bb8cd2ba0b3299
4e081864fbe2ec03906815038fc74ed613afc12d
479360f9b525f2a4e7730dda5ba1831d5b5d8a2a33f9495f59eaaa5cdc468a0d

HTTP Headers

GET /it/u=3842301589,2661641299&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 8548
expires: Tue, 21 Feb 2023 04:34:40 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: c29fc805e3d9177002bb8cd2ba0b3299
age: 200337
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:34:39 GMT
ohc-cache-hit: lz3ct89 [4], bdix248 [4]
ohc-file-size: 8548
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=228495488,3907876275&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500

125.74.42.35

200 OK

24 kB

URL HTTP/2
img0.baidu.com/it/u=228495488,3907876275&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image\012- data
Size
24 kB (23634 bytes)
Hash
57805bd6e7dc4861773512a252a148b6
b085205cd25178937c3eaf63463d99a23b0d3539
33873ab5885f604c9488b8a77a44ed8922d1cb511f6d408648e742c7d361ba02

HTTP Headers

GET /it/u=228495488,3907876275&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 23634
expires: Wed, 22 Feb 2023 08:48:50 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 57805bd6e7dc4861773512a252a148b6
age: 191267
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 08:48:50 GMT
ohc-cache-hit: lz3ct79 [4], czix79 [4]
ohc-file-size: 23634
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=814922709,807715786&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

125.74.42.35

200 OK

9.1 kB

URL HTTP/2
img0.baidu.com/it/u=814922709,807715786&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.1 kB (9056 bytes)
Hash
2b2994ee28dc182f698f6fa9e7da4840
342be9fb3a5b281aa77ae4758244eb90d8e95aa5
011240d6aa9405a057b8698d8bb7fe81ce608f2ff2a9e835639ee8bdc6105b11

HTTP Headers

GET /it/u=814922709,807715786&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 9056
expires: Sat, 18 Feb 2023 04:47:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2b2994ee28dc182f698f6fa9e7da4840
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:47:31 GMT
ohc-cache-hit: lz3ct61 [1], suzix237 [4]
ohc-file-size: 9056
x-cache-status: MISS
X-Firefox-Spdy: h2

t15.baidu.com/it/u=3923600217,797260628&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

43 kB

URL HTTP/1.1
t15.baidu.com/it/u=3923600217,797260628&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
43 kB (43299 bytes)
Hash
15389e3bdc5d1b71d5fb95f2e7829862
a6a23d0d29617da32aada131144a255da4511099
671789d007a9b83ba9314ca69a10c8c6dc4105cfee5747a7f0f7e1e167d4d489

HTTP Headers

GET /it/u=3923600217,797260628&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 43299
Connection: keep-alive
Expires: Mon, 06 Mar 2023 15:55:40 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 15389e3bdc5d1b71d5fb95f2e7829862
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 15:55:40 GMT
Ohc-Upstream-Trace: 180.97.33.13; 113.142.198.70; 58.20.204.54
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache64 [4], xaix70 [2]
Ohc-Response-Time: 1 0 0 0 437 438
Ohc-File-Size: 43299
X-Cache-Status: MISS
Timing-Allow-Origin: *

12931.url.tudown.com/uploads/images/499478.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/499478.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/499478.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347

12931.url.tudown.com/uploads/images/771324.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/771324.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/771324.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1999391408,2670787466&fm=253&app=120&f=JPEG?w=640&h=1136

12931.url.tudown.com/uploads/images/168759.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/168759.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/168759.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500

12931.url.tudown.com/uploads/images/542426.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/542426.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/542426.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3100190542,1243609320&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=514

t13.baidu.com/it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

45 kB

URL HTTP/1.1
t13.baidu.com/it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
45 kB (44956 bytes)
Hash
a8b0ba19033aac508e41bd0274b13e31
4d1405fe6d7b2ceedd1fb61e38706f63b1c3db86
1ee45b0f31a05e386f6fedbc1debed2bca6291b52d4848b1c75d1c22fd7949a3

HTTP Headers

GET /it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 44956
Connection: keep-alive
Expires: Mon, 20 Feb 2023 03:10:28 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: a8b0ba19033aac508e41bd0274b13e31
Age: 405980
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 03:10:28 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache60 [1], csix60 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44956
X-Cache-Status: HIT
Timing-Allow-Origin: *

img0.baidu.com/it/u=95212082,672529190&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=500

125.74.42.35

200 OK

18 kB

URL HTTP/2
img0.baidu.com/it/u=95212082,672529190&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 499x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18270 bytes)
Hash
7899183fcbfe9c1778aa4229fa5712c2
9c37dae935778f01df13b4bd68845a435843530a
86806a799cd166f30c5ad2f8f4124cfef05f8270d1145a91f9a111c00b51b897

HTTP Headers

GET /it/u=95212082,672529190&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 18270
expires: Fri, 10 Feb 2023 07:19:12 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 7899183fcbfe9c1778aa4229fa5712c2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 07:19:12 GMT
ohc-cache-hit: lz3ct50 [1], wzix111 [4]
ohc-file-size: 18270
x-cache-status: MISS
X-Firefox-Spdy: h2

12931.url.tudown.com/uploads/images/194179.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/194179.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/194179.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1352737939,1322848535&fm=224&app=112&f=JPG?w=352&h=500&s=F590CB395102DF4D468461F70300C022

12931.url.tudown.com/uploads/images/683197.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/683197.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/683197.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2687657228,3818127795&fm=253&app=120&f=JPEG?w=1280&h=800

img0.baidu.com/it/u=2428433112,1248005970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749

125.74.42.35

200 OK

25 kB

URL HTTP/2
img0.baidu.com/it/u=2428433112,1248005970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x749, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
25 kB (24774 bytes)
Hash
e7621955b679461529b17c723ee2fee4
234447069f08c5bc410a15d98d44b925199d4297
a5ffcbce975a70b37e9132c0c53a8565a495bb6e53ef76d471fea97c2a6dadb0

HTTP Headers

GET /it/u=2428433112,1248005970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 24774
expires: Tue, 21 Feb 2023 09:24:59 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: e7621955b679461529b17c723ee2fee4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:24:59 GMT
ohc-cache-hit: lz3ct77 [1], qdix177 [4]
ohc-file-size: 24774
x-cache-status: MISS
X-Firefox-Spdy: h2

t14.baidu.com/it/u=1352737939,1322848535&fm=224&app=112&f=JPG?w=352&h=500&s=F590CB395102DF4D468461F70300C022

185.10.104.124

200 OK

25 kB

URL HTTP/1.1
t14.baidu.com/it/u=1352737939,1322848535&fm=224&app=112&f=JPG?w=352&h=500&s=F590CB395102DF4D468461F70300C022
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 352x500, components 3\012- data
Size
25 kB (25406 bytes)
Hash
2745aff0b40c1ae9b9124ed0e9e1a33e
fb17dbecf7c5f357a0c6872e8ece17f2ced4186b
537aa4a2c3d819025714c5961d488aab38ee24885d08ab1eaa2cfc8e50b4789e

HTTP Headers

GET /it/u=1352737939,1322848535&fm=224&app=112&f=JPG?w=352&h=500&s=F590CB395102DF4D468461F70300C022 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 25406
Connection: keep-alive
Expires: Mon, 20 Feb 2023 16:20:45 GMT
Last-Modified: Mon, 19 Jan 1970 00:00:00 GMT
ETag: 2745aff0b40c1ae9b9124ed0e9e1a33e
Age: 1084454
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 16:20:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache55 [1], qdix70 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 25406
X-Cache-Status: HIT
Timing-Allow-Origin: *

img0.baidu.com/it/u=1867987343,3008850380&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500

125.74.42.35

200 OK

111 kB

URL HTTP/2
img0.baidu.com/it/u=1867987343,3008850380&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
GIF image data, version 89a, 583 x 500\012- data
Size
111 kB (111137 bytes)
Hash
739452c84a507186a007335364fe8c03
503892d3fa4ba820ae107565266aedf8c06fa765
54935fe9235cd19b1c7ab975a8443925560026e372f99eacadaff56e89f11662

HTTP Headers

GET /it/u=1867987343,3008850380&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/gif
content-length: 111137
expires: Wed, 22 Feb 2023 08:07:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 739452c84a507186a007335364fe8c03
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 08:07:48 GMT
ohc-cache-hit: lz3ct59 [1], czix199 [4]
ohc-file-size: 111137
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=1496123987,2661962405&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224

125.74.42.35

200 OK

6.2 kB

URL HTTP/2
img0.baidu.com/it/u=1496123987,2661962405&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 224x224, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.2 kB (6192 bytes)
Hash
5a1d8e7e7071e26d2d1410d547af312e
7655f6ef24155001d4b7c5113863ee5775e3132d
8c183dd4d059f2638b83e2c1c6ffe25bbff8b704088e9d1dcfc2b297f879aa6e

HTTP Headers

GET /it/u=1496123987,2661962405&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 6192
expires: Mon, 06 Mar 2023 06:17:06 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5a1d8e7e7071e26d2d1410d547af312e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 06:17:06 GMT
ohc-cache-hit: lz3ct79 [1], csix79 [4]
ohc-file-size: 6192
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=2695204531,2698869799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

125.74.42.35

200 OK

24 kB

URL HTTP/2
img0.baidu.com/it/u=2695204531,2698869799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (24446 bytes)
Hash
71dacaca0febf117378e43cb1df51084
81743df7bc378c950532a9714256253cbe5ef86c
268ab16b671450d699d185cb4835d52c44365d0316246bc712d23bfda50fc175

HTTP Headers

GET /it/u=2695204531,2698869799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 24446
expires: Wed, 08 Feb 2023 02:11:22 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 71dacaca0febf117378e43cb1df51084
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 02:11:22 GMT
ohc-cache-hit: lz3ct79 [1], wzix79 [4]
ohc-file-size: 24446
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268

125.74.42.35

200 OK

3.5 kB

URL HTTP/2
img2.baidu.com/it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 508x268, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.5 kB (3532 bytes)
Hash
bc61b6e3c6a007facb24e887cbf78eec
aa9cf1edb99a3b2ed9656a2cdbd0117cb9599a6e
395c6d621738559cb70e95b4c07e83fe638da0d63c41e308769fb739fd093a7a

HTTP Headers

GET /it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 3532
expires: Mon, 06 Mar 2023 15:47:26 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bc61b6e3c6a007facb24e887cbf78eec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 15:47:26 GMT
ohc-cache-hit: lz3ct61 [1], xiangyix232 [4]
ohc-file-size: 3532
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=1408659075,2347218015&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=201

125.74.42.35

200 OK

9.6 kB

URL HTTP/2
img2.baidu.com/it/u=1408659075,2347218015&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=201
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x201, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.6 kB (9562 bytes)
Hash
447cf9dbe8e81e41af5aee4c92330f8f
c632afd9f98c175937e262f71bc942789f03ccca
0390bb7fc0be65a23b1660ca13eb72a144ca5949e2b4c15f27ef8a0d8d8597b9

HTTP Headers

GET /it/u=1408659075,2347218015&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=201 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 9562
expires: Fri, 24 Feb 2023 03:25:35 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 447cf9dbe8e81e41af5aee4c92330f8f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 03:25:35 GMT
ohc-cache-hit: lz3ct85 [1], bdix202 [4]
ohc-file-size: 9562
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500

125.74.42.35

200 OK

39 kB

URL HTTP/2
img2.baidu.com/it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 362x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
39 kB (39240 bytes)
Hash
c04cd35e3b7220c37852f0895289c8eb
de893f6c029cda5837965356a06d7234b2c42308
2f9fe4c3c2e39ef66408e6f91e8d31e55521b5e6903776d30f1a6fc940bff8bf

HTTP Headers

GET /it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 39240
expires: Sun, 19 Feb 2023 05:33:28 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: c04cd35e3b7220c37852f0895289c8eb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 05:33:28 GMT
ohc-cache-hit: lz3ct76 [1], qdix76 [4]
ohc-file-size: 39240
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750

125.74.42.35

200 OK

44 kB

URL HTTP/2
img2.baidu.com/it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
44 kB (43782 bytes)
Hash
8be69ac0178b13f9eea4f93d8f722e0a
f8e13dac166008307a3e18a89454e9a4d8a75125
26840f9ca7e3127555e913427d56a5ec75f653cb65ebe75e0931c4b12a380a2e

HTTP Headers

GET /it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 43782
expires: Sat, 18 Feb 2023 16:17:24 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8be69ac0178b13f9eea4f93d8f722e0a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 16:17:24 GMT
ohc-cache-hit: lz3ct78 [1], qdix78 [4]
ohc-file-size: 43782
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=3830720015,3772898188&fm=253&fmt=auto?w=1422&h=800

125.64.104.35

200 OK

114 kB

URL HTTP/2
img1.baidu.com/it/u=3830720015,3772898188&fm=253&fmt=auto?w=1422&h=800
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
114 kB (113790 bytes)
Hash
29806cc7843db51ade42b2c5ba9bde65
1e3a87a40aea29befe34aefe952db2a478b9098e
43b5541a07d707354328dffdddc9a954e01ed3a5c9acc06065dce981b82a1bb9

HTTP Headers

GET /it/u=3830720015,3772898188&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 113790
expires: Mon, 20 Feb 2023 15:24:41 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 29806cc7843db51ade42b2c5ba9bde65
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 15:24:41 GMT
ohc-cache-hit: dy2ct94 [1], czix177 [4]
ohc-file-size: 113790
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=1504889317,3226780132&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313

125.64.104.35

200 OK

38 kB

URL HTTP/2
img1.baidu.com/it/u=1504889317,3226780132&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
38 kB (38088 bytes)
Hash
30c1113abb0bc7dfe2eb120b7a2507d7
05f5cfe8bb33256275a43d7a14304354bd3b43f4
0756cfafd330bd6314cc76fa1e8209eb109bba5e9fad31cf94b16a53c6b5e4bb

HTTP Headers

GET /it/u=1504889317,3226780132&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 38088
expires: Tue, 21 Feb 2023 14:17:17 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 30c1113abb0bc7dfe2eb120b7a2507d7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 14:17:17 GMT
ohc-cache-hit: dy2ct76 [1], xaix205 [4]
ohc-file-size: 38088
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=1516083702,1859252157&fm=253&fmt=auto&app=138&f=JPEG?w=352&h=500

125.74.42.35

200 OK

32 kB

URL HTTP/2
img2.baidu.com/it/u=1516083702,1859252157&fm=253&fmt=auto&app=138&f=JPEG?w=352&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 352x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (32522 bytes)
Hash
241a940a6b3e20aba85c5ea944d03b26
37b78481fc8a09cbded881d791fe62c04a2125bd
337cfbef9c5e8b65f503bc7f767c1ba4aed36163d4781d1aa945a1906a84729f

HTTP Headers

GET /it/u=1516083702,1859252157&fm=253&fmt=auto&app=138&f=JPEG?w=352&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 32522
expires: Sun, 26 Feb 2023 16:36:24 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 241a940a6b3e20aba85c5ea944d03b26
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 16:36:24 GMT
ohc-cache-hit: lz3ct53 [1], wzix105 [4]
ohc-file-size: 32522
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499

125.64.104.35

200 OK

36 kB

URL HTTP/2
img1.baidu.com/it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 359x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
36 kB (35920 bytes)
Hash
2edf5f2a8b439035ecf1434e9b831b58
16b6c9f4d07f4926afee248d63f203260418f5ee
9d13a90fffc9504eec8cb9cadf0f23423628c77f7f957b86e0cd61039588c701

HTTP Headers

GET /it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 35920
expires: Mon, 06 Feb 2023 09:41:30 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 2edf5f2a8b439035ecf1434e9b831b58
age: 42415
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 09:41:30 GMT
ohc-cache-hit: dy2ct59 [4], csix59 [4]
ohc-file-size: 35920
x-cache-status: HIT
X-Firefox-Spdy: h2

img2.baidu.com/it/u=551660493,979160127&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889

125.74.42.35

200 OK

57 kB

URL HTTP/2
img2.baidu.com/it/u=551660493,979160127&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
57 kB (57010 bytes)
Hash
ef00b4142311dd50336c78fbadfca30e
fdb4b31f3229a5141212d963f39d50e653cd99a1
c96a5259d25aa42667c829a40de625feba32a414d6c6577ad566aeaa218920c5

HTTP Headers

GET /it/u=551660493,979160127&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 57010
expires: Sun, 05 Mar 2023 13:41:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ef00b4142311dd50336c78fbadfca30e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 13:41:22 GMT
ohc-cache-hit: lz3ct52 [1], wzix52 [2]
ohc-file-size: 57010
x-cache-status: MISS
X-Firefox-Spdy: h2

12931.url.tudown.com/uploads/images/478620.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/478620.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/478620.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1932780,1774025666&fm=224&app=112&f=JPEG?w=500&h=500

img0.baidu.com/it/u=2122931362,465787482&fm=253&fmt=auto&app=120&f=JPEG?w=400&h=400

125.74.42.35

200 OK

13 kB

URL HTTP/2
img0.baidu.com/it/u=2122931362,465787482&fm=253&fmt=auto&app=120&f=JPEG?w=400&h=400
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (12660 bytes)
Hash
dd20f2e71a1646d252f272839949c8b7
4c2a74861e7644ac57956aab8e722afcf772ff1e
0e70b37f451859d098e108cca3db430f0d0eb83bec7b047985e8f73ee29d5c4d

HTTP Headers

GET /it/u=2122931362,465787482&fm=253&fmt=auto&app=120&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 12660
expires: Mon, 06 Mar 2023 15:55:40 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: dd20f2e71a1646d252f272839949c8b7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 15:55:40 GMT
ohc-cache-hit: lz3ct77 [2], xiangyix212 [4]
ohc-file-size: 12660
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

125.74.42.35

200 OK

17 kB

URL HTTP/2
img0.baidu.com/it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (17248 bytes)
Hash
31e35930d9a3974a885db556fe3c1522
3d50996b24f996fc39b0fd2f242217bcf9da6cb4
cd8ee30272ae46bbfc672a958aa5241278841901cfda60534bd316abea8085cf

HTTP Headers

GET /it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 17248
expires: Tue, 07 Feb 2023 06:49:44 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 31e35930d9a3974a885db556fe3c1522
age: 154165
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 06:49:44 GMT
ohc-cache-hit: lz3ct64 [4], suzix169 [4]
ohc-file-size: 17248
x-cache-status: HIT
X-Firefox-Spdy: h2

img1.baidu.com/it/u=2602722561,1421725466&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

125.64.104.35

200 OK

18 kB

URL HTTP/2
img1.baidu.com/it/u=2602722561,1421725466&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18170 bytes)
Hash
0d6cd6e071de88daa72230917f6d42e6
2445c5c01fa361c23a93b609e3cd804e33c0711f
78c57670613d05dbfaf6659ece4afe57c11e43cacf408a3ba37b856dc83217fd

HTTP Headers

GET /it/u=2602722561,1421725466&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 18170
expires: Thu, 23 Feb 2023 10:29:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0d6cd6e071de88daa72230917f6d42e6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 10:29:23 GMT
ohc-cache-hit: dy2ct87 [1], qdix216 [4]
ohc-file-size: 18170
x-cache-status: MISS
X-Firefox-Spdy: h2

12931.url.tudown.com/uploads/images/556726.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/556726.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/556726.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3331637964,3729564777&fm=253&fmt=auto&app=120&f=JPEG?w=1244&h=800

t14.baidu.com/it/u=1932780,1774025666&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

21 kB

URL HTTP/1.1
t14.baidu.com/it/u=1932780,1774025666&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
21 kB (20710 bytes)
Hash
e67f7b539ef642724d979425d38f2485
d9fdf59352ef9a7fdde165083365f0d314cff98e
5e1c0907c5be9fea1bb533ba0761c255306bc78582c33344a6a9294b5b0c6313

HTTP Headers

GET /it/u=1932780,1774025666&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 20710
Connection: keep-alive
Expires: Sun, 05 Feb 2023 17:26:59 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e67f7b539ef642724d979425d38f2485
Age: 393221
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 17:26:59 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache55 [1], csix71 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20710
X-Cache-Status: HIT
Timing-Allow-Origin: *

12931.url.tudown.com/uploads/images/850731.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/850731.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/850731.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4028467205,644735175&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334

12931.url.tudown.com/uploads/images/690410.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/690410.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/690410.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500

12931.url.tudown.com/uploads/images/647982.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/647982.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/647982.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2620001455,1692512267&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867

12931.url.tudown.com/uploads/images/100474.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/100474.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/100474.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3617770504,24983910&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

img1.baidu.com/it/u=162976163,2845049117&fm=253&fmt=auto&app=138&f=PNG?w=500&h=676

125.64.104.35

200 OK

129 kB

URL HTTP/2
img1.baidu.com/it/u=162976163,2845049117&fm=253&fmt=auto&app=138&f=PNG?w=500&h=676
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image\012- data
Size
129 kB (128726 bytes)
Hash
a45151baf4bdf6ac477de8dbdb6eea12
a9bc1c2a413c56b52f661b2c3819007f318eadd0
f71a055da3db54f46b3855d27ca4a6972346fa746e5a2ca99c73ccf5fad58fbc

HTTP Headers

GET /it/u=162976163,2845049117&fm=253&fmt=auto&app=138&f=PNG?w=500&h=676 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 128726
expires: Tue, 21 Feb 2023 05:23:00 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a45151baf4bdf6ac477de8dbdb6eea12
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:23:00 GMT
ohc-cache-hit: dy2ct93 [1], bdix158 [4]
ohc-file-size: 128726
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

125.64.104.35

200 OK

49 kB

URL HTTP/2
img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
49 kB (48642 bytes)
Hash
b1239dcecfd8d2ae8581983d523b5a8e
319659f2d9d298ebc183120ddad0e9f16007ab5f
2748ee959cf00d490249eef871f48ee296eee130ad33653140ed87b9ab10b5a4

HTTP Headers

GET /it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 48642
expires: Fri, 17 Feb 2023 06:00:34 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: b1239dcecfd8d2ae8581983d523b5a8e
age: 116068
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:00:34 GMT
ohc-cache-hit: dy2ct92 [2], suzix148 [2]
ohc-file-size: 48642
x-cache-status: HIT
X-Firefox-Spdy: h2

img1.baidu.com/it/u=2037062839,2216091887&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749

125.64.104.35

200 OK

32 kB

URL HTTP/2
img1.baidu.com/it/u=2037062839,2216091887&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x749, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (32280 bytes)
Hash
96cae23f879c94b67c6cdfc94c5ab6d3
b780c7fbabffcd1cc17953f8f2af6efd885d5d2c
4b12d2544c207774210f88e8577f791dba164cb8cf7c6f24bf84cb28fc8bc45d

HTTP Headers

GET /it/u=2037062839,2216091887&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=749 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 32280
expires: Thu, 02 Mar 2023 02:02:05 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 96cae23f879c94b67c6cdfc94c5ab6d3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 02:02:05 GMT
ohc-cache-hit: dy2ct63 [1], czix63 [4]
ohc-file-size: 32280
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3100190542,1243609320&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=514

125.74.42.35

200 OK

24 kB

URL HTTP/2
img2.baidu.com/it/u=3100190542,1243609320&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=514
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x514, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (24334 bytes)
Hash
72bd44cb7f45f32174e88f2521fb4499
b8837e3cdd276e3f5a1718c8e706eee6579c442e
75c42ea534d4bbd4bbb76810dfd48c9d90f2a545874d68e05f67d2ab05913da3

HTTP Headers

GET /it/u=3100190542,1243609320&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=514 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 24334
expires: Wed, 22 Feb 2023 03:17:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 72bd44cb7f45f32174e88f2521fb4499
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:17:48 GMT
ohc-cache-hit: lz3ct88 [1], bdix113 [4]
ohc-file-size: 24334
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347

125.74.42.35

200 OK

26 kB

URL HTTP/2
img2.baidu.com/it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x347, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (25594 bytes)
Hash
a0eed35d242fa1cd5451d4ab160723cf
e0456789dc565478f40a385fd3b753534681824a
6f74f11b5ca2f3f0a205e2fd5d6ba1aa8cd04f644e29bd32edb285407df010d8

HTTP Headers

GET /it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 25594
expires: Sun, 05 Mar 2023 16:10:11 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: a0eed35d242fa1cd5451d4ab160723cf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 16:10:11 GMT
ohc-cache-hit: lz3ct81 [1], csix81 [2]
ohc-file-size: 25594
x-cache-status: MISS
X-Firefox-Spdy: h2

12931.url.tudown.com/uploads/images/214945.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/214945.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/214945.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=849778306,1970475678&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500

12931.url.tudown.com/uploads/images/629110.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/629110.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/629110.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800

12931.url.tudown.com/uploads/images/851638.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/851638.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/851638.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=928402332,1870921766&fm=253&fmt=auto&app=138&f=JPEG?w=571&h=500

12931.url.tudown.com/uploads/images/240953.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/240953.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/240953.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1554408427,769955625&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

img2.baidu.com/it/u=1999391408,2670787466&fm=253&app=120&f=JPEG?w=640&h=1136

180.97.66.35

200 OK

82 kB

URL HTTP/1.1
img2.baidu.com/it/u=1999391408,2670787466&fm=253&app=120&f=JPEG?w=640&h=1136
IP
180.97.66.35:0
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x1136, components 3\012- data
Size
82 kB (81917 bytes)
Hash
efd94291f63db6c6aac4f4895aba4884
707279b753d55bdf1906fd4ce641df773fa202dd
313bd069c8906cc33ca56e58e207ae6db8eb17826ac7eca6a6af6857b519c9f4

HTTP Headers

GET /it/u=1999391408,2670787466&fm=253&app=120&f=JPEG?w=640&h=1136 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 81917
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:43:12 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: efd94291f63db6c6aac4f4895aba4884
Age: 250634
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 13:43:12 GMT
Ohc-Cache-HIT: suz2ct62 [4], xiangyix82 [4]
Ohc-File-Size: 81917
X-Cache-Status: HIT

12931.url.tudown.com/uploads/images/304516.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12931.url.tudown.com/uploads/images/304516.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/304516.jpg HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3882191210,4062610010&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800

img0.baidu.com/it/u=3331637964,3729564777&fm=253&fmt=auto&app=120&f=JPEG?w=1244&h=800

125.74.42.35

200 OK

58 kB

URL HTTP/2
img0.baidu.com/it/u=3331637964,3729564777&fm=253&fmt=auto&app=120&f=JPEG?w=1244&h=800
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1244x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
58 kB (58302 bytes)
Hash
96e0f2a3e828b18878b9fa79dd9fa83d
0a251647d5051db5b1f096ae195ef4e351ec1740
29167abde82ce3acd721d74544a7669c5609919c0ebf0ce42f016f15e98f9c36

HTTP Headers

GET /it/u=3331637964,3729564777&fm=253&fmt=auto&app=120&f=JPEG?w=1244&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 58302
expires: Mon, 20 Feb 2023 13:57:31 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 96e0f2a3e828b18878b9fa79dd9fa83d
age: 201314
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:57:31 GMT
ohc-cache-hit: lz3ct87 [4], bdix160 [2]
ohc-file-size: 58302
x-cache-status: HIT
X-Firefox-Spdy: h2

img2.baidu.com/it/u=4028467205,644735175&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334

125.74.42.35

200 OK

18 kB

URL HTTP/2
img2.baidu.com/it/u=4028467205,644735175&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18410 bytes)
Hash
dbdb0ab853c9a6b6432e510def95edbd
0e1d589a51ff03bb04c351525384648a32ff9b35
5b09c42f5078cf33b0122b9eefba34de1062a4c78d9bb0b4e07ecc8e8c466484

HTTP Headers

GET /it/u=4028467205,644735175&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 18410
expires: Mon, 06 Feb 2023 13:44:10 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: dbdb0ab853c9a6b6432e510def95edbd
age: 118797
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 13:44:10 GMT
ohc-cache-hit: lz3ct59 [4], czix59 [4]
ohc-file-size: 18410
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500

125.74.42.35

200 OK

49 kB

URL HTTP/2
img0.baidu.com/it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
49 kB (49088 bytes)
Hash
3fe1b9fbb0e78b2c74dec7a30fb7cc5b
f21e64426105488e039ea698d4e4e749863a5751
6a273f4e23f26dcb0647acd40e2d25b1a8f02fe966c13de7f4093659e215d6a2

HTTP Headers

GET /it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 49088
expires: Mon, 20 Feb 2023 02:36:07 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 3fe1b9fbb0e78b2c74dec7a30fb7cc5b
age: 39704
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:36:07 GMT
ohc-cache-hit: lz3ct88 [4], suzix104 [4]
ohc-file-size: 49088
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=2620001455,1692512267&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867

125.74.42.35

200 OK

37 kB

URL HTTP/2
img0.baidu.com/it/u=2620001455,1692512267&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x867, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
37 kB (36768 bytes)
Hash
85fdc0e682d417409115511cee488c6b
9eae2848a379ea797fc6adfb9e9959e6f50aa397
d83806f3105753298148aa214397b76d84e3748598e267122be6b5ca90cb1437

HTTP Headers

GET /it/u=2620001455,1692512267&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 36768
expires: Mon, 20 Feb 2023 15:33:26 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 85fdc0e682d417409115511cee488c6b
age: 313306
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 15:33:26 GMT
ohc-cache-hit: lz3ct72 [4], suzix232 [4]
ohc-file-size: 36768
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=3617770504,24983910&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

125.74.42.35

200 OK

25 kB

URL HTTP/2
img0.baidu.com/it/u=3617770504,24983910&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
25 kB (25198 bytes)
Hash
c5703df470ea6c6d8f2ca15422c3c4a7
ced17e28ac841a8e9c2bc539c57d5897b7e62f34
2ae482553f558c9e8f56dd00957647e2bed6f211ff8f4430005d2b1ee3a41256

HTTP Headers

GET /it/u=3617770504,24983910&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 25198
expires: Wed, 15 Feb 2023 11:38:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: c5703df470ea6c6d8f2ca15422c3c4a7
age: 179283
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 11:38:58 GMT
ohc-cache-hit: lz3ct70 [4], qdix197 [4]
ohc-file-size: 25198
x-cache-status: HIT
X-Firefox-Spdy: h2

img2.baidu.com/it/u=849778306,1970475678&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500

125.74.42.35

200 OK

30 kB

URL HTTP/2
img2.baidu.com/it/u=849778306,1970475678&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 890x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
30 kB (29906 bytes)
Hash
00a3d5ad0b9808ee8246591e0bdca16f
651cc61f7af71ca9e932ae1d672cf6ad5152dad5
3d633c12ce4073ea80c9a145243ee09878d862b85e0e9cc0f0b90e4194af42af

HTTP Headers

GET /it/u=849778306,1970475678&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 29906
expires: Thu, 09 Feb 2023 12:57:26 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 00a3d5ad0b9808ee8246591e0bdca16f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 12:57:26 GMT
ohc-cache-hit: lz3ct83 [1], wzix83 [4]
ohc-file-size: 29906
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=928402332,1870921766&fm=253&fmt=auto&app=138&f=JPEG?w=571&h=500

125.64.104.35

200 OK

37 kB

URL HTTP/2
img1.baidu.com/it/u=928402332,1870921766&fm=253&fmt=auto&app=138&f=JPEG?w=571&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 571x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
37 kB (37282 bytes)
Hash
278a867624f15132894c8264f6fb5349
787f1c84523bdf5e335711c1c9a79806b860f448
97f0ac89e773f8c7a1dab7c7e89ee0fb9af264bdbaf510a25b687b3c4ffbcc1c

HTTP Headers

GET /it/u=928402332,1870921766&fm=253&fmt=auto&app=138&f=JPEG?w=571&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:41 GMT
content-type: image/webp
content-length: 37282
expires: Sat, 11 Feb 2023 07:14:14 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 278a867624f15132894c8264f6fb5349
age: 137524
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 07:14:14 GMT
ohc-cache-hit: dy2ct107 [4], czix237 [4]
ohc-file-size: 37282
x-cache-status: HIT
X-Firefox-Spdy: h2

img2.baidu.com/it/u=2687657228,3818127795&fm=253&app=120&f=JPEG?w=1280&h=800

180.97.66.35

200 OK

81 kB

URL HTTP/1.1
img2.baidu.com/it/u=2687657228,3818127795&fm=253&app=120&f=JPEG?w=1280&h=800
IP
180.97.66.35:0
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size
81 kB (80633 bytes)
Hash
8bb15fbd4c1748bca82ee58c4badbc9b
41a3a94ca78f3ded9fbe8980984452cc6b566ac3
e2c537823b1e9659823f4f02ecfd413a2e6849fefd1095f70249ce318ac5d03b

HTTP Headers

GET /it/u=2687657228,3818127795&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 80633
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:19:33 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 8bb15fbd4c1748bca82ee58c4badbc9b
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 18:19:33 GMT
Ohc-Cache-HIT: suz2ct73 [1], qdix73 [4]
Ohc-File-Size: 80633
X-Cache-Status: MISS

img2.baidu.com/it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800

180.97.66.35

200 OK

87 kB

URL HTTP/1.1
img2.baidu.com/it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800
IP
180.97.66.35:0
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size
87 kB (86897 bytes)
Hash
dc15aeab146435f771128c7389a32393
84c254bf57ae87d38cb4c4314253f250f21ecdf6
9dfe55ab0b2e76939ac0120fbdfd4e7970deca117a571315cb4d39c230bee188

HTTP Headers

GET /it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12931.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 86897
Connection: keep-alive
Expires: Sat, 11 Feb 2023 17:23:57 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: dc15aeab146435f771128c7389a32393
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 17:23:57 GMT
Ohc-Cache-HIT: suz2ct63 [1], czix98 [4]
Ohc-File-Size: 86897
X-Cache-Status: MISS

img0.baidu.com/it/u=3882191210,4062610010&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800

125.74.42.35

200 OK

70 kB

URL HTTP/2
img0.baidu.com/it/u=3882191210,4062610010&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
70 kB (69512 bytes)
Hash
c9d853505f5fa3dcf7af28f592d44bbe
667be22cb21c6f9bef612a63c885ba3539755174
c90dedeedf52f3bcd8ed7991b3f145d16dac695cc9683f53ec2b9af539a632d9

HTTP Headers

GET /it/u=3882191210,4062610010&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:42 GMT
content-type: image/webp
content-length: 69512
expires: Thu, 02 Mar 2023 13:39:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c9d853505f5fa3dcf7af28f592d44bbe
age: 138692
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 13:39:03 GMT
ohc-cache-hit: lz3ct86 [4], wzix86 [2]
ohc-file-size: 69512
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=1554408427,769955625&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

125.74.42.35

200 OK

20 kB

URL HTTP/2
img0.baidu.com/it/u=1554408427,769955625&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (20202 bytes)
Hash
0e2a55b9f83b0378802decdc71679b95
8b32fea51b2f2cf769ec0efa554ec40167e56b62
18b357c569176f95cc71a0559895ca75da7c5bbbbb570294867e8e15640a9126

HTTP Headers

GET /it/u=1554408427,769955625&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12931.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:42 GMT
content-type: image/webp
content-length: 20202
expires: Tue, 21 Feb 2023 14:09:06 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0e2a55b9f83b0378802decdc71679b95
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 14:09:06 GMT
ohc-cache-hit: lz3ct55 [1], czix96 [4]
ohc-file-size: 20202
x-cache-status: MISS
X-Firefox-Spdy: h2

12931.url.tudown.com/favicon.ico

154.218.151.71

200 OK

0 B

URL HTTP/1.1
12931.url.tudown.com/favicon.ico
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 12931.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12931.url.tudown.com/down/berrybox%E4%B8%8B%E8%BD%BD@134_2582.exe
Cookie: __bid_n=1861d1cf31c694962b4207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675526176; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675526176

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:42 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes

jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba

54.230.111.58

200 OK

0 B

URL HTTP/2
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP
54.230.111.58:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12931.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Sat, 04 Feb 2023 15:50:26 GMT
cache-control: max-age=600
expires: Sat, 04 Feb 2023 15:59:52 GMT
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _g5nqjR67JJU_3wnch1HTMa6oFuVWy0iZ03NrYJ5n4XqfH-lhAw0_A==
age: 346
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML