r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12655
Expires: Sat, 14 Jan 2023 01:13:07 GMT
Date: Fri, 13 Jan 2023 21:42:12 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7144
Expires: Fri, 13 Jan 2023 23:41:16 GMT
Date: Fri, 13 Jan 2023 21:42:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 13 Jan 2023 20:48:52 GMT
content-type: application/json
age: 3200
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6151
Expires: Fri, 13 Jan 2023 23:24:43 GMT
Date: Fri, 13 Jan 2023 21:42:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HzUj7TP2kfZz0DQawe/JLF0C9lkzyQhvc9c4RU1HPk5emgfT6ColrCaFYs5a/PacDlsouTz+cPcwAxZnFZq43w==
x-amz-request-id: 6Z0R1QPE2G8V6WE0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 13 Jan 2023 20:43:27 GMT
age: 3525
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 13 Jan 2023 21:42:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 13 Jan 2023 21:33:45 GMT
age: 507
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2873
Cache-Control: max-age=130347
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 21:42:12 GMT
Etag: "63c11f26-1d7"
Expires: Sun, 15 Jan 2023 09:54:39 GMT
Last-Modified: Fri, 13 Jan 2023 09:06:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
12803.url.tudown.com/down/windows@34_147488.exe
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/down/windows@34_147488.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; exported SGML document, Unicode text, UTF-8 text
Hash 2f155727db65509a95e4486fc7b9eaa9
15eac7ad3d39935c4d7d4589d38544299e0c7a72
01418f68b56b539791cb2ec00b427df1b07ab9ae6dba94fb12f5dc9641221848
Analyzer Verdict Alert fortinet Malware
GET /down/windows@34_147488.exe HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12803.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.24.78.9 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.24.78.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 40gbO/zHaarXN+2mUkH6xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xWUBA7H64mX6PPz0WOIhO7BbjeI=
12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71 200 OK 4.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71 200 OK 1.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71 200 OK 353 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71 200 OK 37 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71 200 OK 8.9 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71 200 OK 799 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71 200 OK 7.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71 200 OK 741 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71 200 OK 1.4 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71 200 OK 577 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71 200 OK 592 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 21:42:13 GMT
Last-Modified: Fri, 13 Jan 2023 07:12:31 GMT
ETag: "63c1045f-1d7"
Expires: Sun, 15 Jan 2023 07:12:31 GMT
Cache-Control: max-age=120618
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673646133
Via: cache26.l2de2[253,252,200-0,M], cache26.l2de2[253,0], cache7.se1[276,275,200-0,M], cache7.se1[277,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16736461336324404e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 21:42:13 GMT
Last-Modified: Fri, 13 Jan 2023 07:12:31 GMT
ETag: "63c1045f-1d7"
Expires: Sun, 15 Jan 2023 07:12:31 GMT
Cache-Control: max-age=120618
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673646133
Via: cache9.l2de2[254,254,200-0,M], cache9.l2de2[255,0], cache2.se1[276,276,200-0,M], cache2.se1[277,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616736461337024169e
12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71 200 OK 63 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71 200 OK 738 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130 200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5138), with no line terminators
Hash c83c63e3d1df592bff50dc9f4b5a558b
b28eed29218178ac4ec5153351620e709c0eaf11
b96da314525ccb46b9dd902abce4d83d4946fbe2a0b234eea7924afa226d3e8d
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2142
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Fri, 13 Jan 2023 22:42:13 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0e87b1b099a37de-143
Server: yunjiasu
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.207 301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.207:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache8.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9c16736461341253917e
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130 200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5137), with no line terminators
Hash bcddf28f0671ec1db79a760fddb6d897
b84d5709c74db849da0fbfd719d6e87f48098581
0417e2c22d96d61711da0259aa3cb71f138ef810d8ed694dc5a740602b46744a
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2139
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Fri, 13 Jan 2023 22:42:14 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0e87b1b22d237df-143
Server: yunjiasu
img4.duote.com/duoteimg/js/front_ad.js
222.186.17.199 200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 222.186.17.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Thu, 12 Jan 2023 14:15:38 GMT
x-oss-request-id: 63C0160AD2368136310F1F13
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1673532938
via: cache8.l2cn3037[0,0,200-0,H], cache17.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache16.cn5274[1,0]
age: 113196
x-cache: HIT TCP_MEM_HIT dirn:9:131780256
x-swift-savetime: Fri, 13 Jan 2023 05:19:47 GMT
x-swift-cachetime: 15497751
timing-allow-origin: *
eagleid: deba11a316736461340426567e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
154.218.151.71 200 OK 3.5 kB URL HTTP/1.1 12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0b272865b931d7cfab7bfe782830ddd4
4c4c4035f4affc241a0ce63ce88dc09e2409c9f2
8948ca81266e22f7fc964a94dca0732959723a13ef8818daa286c20c13da5adf
GET /uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250 HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 21:42:14 GMT
Last-Modified: Fri, 13 Jan 2023 07:12:31 GMT
ETag: "63c1045f-1d7"
Expires: Sun, 15 Jan 2023 07:12:31 GMT
Cache-Control: max-age=120617
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673646134
Via: cache11.l2de2[455,455,200-0,M], cache11.l2de2[456,0], cache1.se1[478,478,200-0,M], cache1.se1[479,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:14 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516736461337174518e
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
222.186.17.199 200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 222.186.17.199:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 10:48:37 GMT
x-oss-request-id: 63B55985341EC4383238B58D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 26
ali-swift-global-savetime: 1672829317
via: cache42.l2cn3037[0,0,200-0,H], cache35.l2cn3037[1,0], ens-vcache1.cn5274[0,0,200-0,H], ens-vcache16.cn5274[1,0]
age: 816817
x-cache: HIT TCP_MEM_HIT dirn:12:207588523
x-swift-savetime: Wed, 04 Jan 2023 11:29:37 GMT
x-swift-cachetime: 15549540
timing-allow-origin: *
eagleid: deba11a316736461340876580e
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 21:42:14 GMT
Ali-Swift-Global-Savetime: 1673646134
Via: cache8.l2de2[464,463,200-0,M], cache8.l2de2[473,0], cache3.se1[494,493,200-0,M], cache3.se1[495,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:14 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716736461337074419e
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e455d2ff67e7203c5c67a8983d09df24
11930b9d4c63193c620cf27627bd5492b5dfee4e
c51a42ef7795832e1f15be91e81127670179ed5cfd053c9a53bb4581ada61adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C51A42EF7795832E1F15BE91E81127670179ED5CFD053C9A53BB4581ADA61ADF"
Last-Modified: Thu, 12 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11242
Expires: Sat, 14 Jan 2023 00:49:36 GMT
Date: Fri, 13 Jan 2023 21:42:14 GMT
Connection: keep-alive
12803.url.tudown.com/uploads/images/732268.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/732268.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/732268.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3575150506,2920052522&fm=253&app=120&f=JPEG?w=1422&h=800
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
222.186.17.199 200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 222.186.17.199:0
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Thu, 08 Dec 2022 06:30:46 GMT
x-oss-request-id: 63918496AFFD703338923AEB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "4C7F46FF62D37B2CC7456F8F9EB96611"
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
vary: Accept-Encoding
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 24
content-encoding: gzip
ali-swift-global-savetime: 1670481046
via: cache8.l2cn3037[0,0,200-0,H], cache8.l2cn3037[1,0], ens-vcache24.cn5274[0,0,200-0,H], ens-vcache16.cn5274[6,0]
age: 3165088
x-cache: HIT TCP_MEM_HIT dirn:12:169637919
x-swift-savetime: Sun, 01 Jan 2023 07:02:50 GMT
x-swift-cachetime: 13476476
timing-allow-origin: *
eagleid: deba11a316736461341196605e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/62229.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/62229.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/62229.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3365056600,3575916010&fm=253&fmt=auto&app=138&f=JPEG?w=441&h=500
12803.url.tudown.com/uploads/images/256978.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/256978.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/256978.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2422648981,3530671427&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
222.186.17.199 200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 222.186.17.199:0
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 02:18:07 GMT
vary: Accept-Encoding
x-oss-request-id: 634F5E5F9F5C5134319809A9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 11
content-encoding: gzip
ali-swift-global-savetime: 1666145887
via: cache71.l2cn3037[0,0,200-0,H], cache1.l2cn3037[1,0], ens-vcache29.cn5274[0,0,200-0,H], ens-vcache16.cn5274[0,0]
age: 7500247
x-cache: HIT TCP_MEM_HIT dirn:11:296498382
x-swift-savetime: Sun, 01 Jan 2023 07:31:10 GMT
x-swift-cachetime: 9139617
timing-allow-origin: *
eagleid: deba11a316736461343296655e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/baidu_js_push.js
222.186.17.199 200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 222.186.17.199:0
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Mon, 19 Dec 2022 17:16:09 GMT
x-oss-request-id: 63A09C59AFFD70313763EF54
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 5
ali-swift-global-savetime: 1671470169
via: cache17.l2cn3037[0,0,200-0,H], cache43.l2cn3037[1,0], ens-vcache19.cn5274[0,0,200-0,H], ens-vcache16.cn5274[1,0]
age: 2175965
x-cache: HIT TCP_MEM_HIT dirn:12:232271878
x-swift-savetime: Sun, 01 Jan 2023 05:15:12 GMT
x-swift-cachetime: 14472057
timing-allow-origin: *
eagleid: deba11a316736461343346656e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71 200 OK 80 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Sat, 14 Jan 2023 09:42:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71 200 OK 295 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/591014.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/591014.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/591014.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3099533072,2498808162&fm=253&app=120&f=JPEG?w=800&h=800
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19815
Expires: Sat, 14 Jan 2023 03:12:29 GMT
Date: Fri, 13 Jan 2023 21:42:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c276d1876bfcc6ec4dfb94bcdd2f6c8
177a80d7d4d3fc273a712cada41abdd87b138a6c
abceeefeec2fc658e285a2898e38a36643501bfa1d66f33e216f100e456a8c06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8785
x-amzn-requestid: 92e6f0ba-49c3-439f-baeb-61b920557305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epidYGOsIAMFn7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07def-5e2c33e8430e4e7a75eaecf5;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:38:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3kEaSCu5zl13dK5jvG9x0lqxr8XOoH8yrKOM5UiSebEfL8MhmCE3Zw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:56:57 GMT
age: 85517
etag: "177a80d7d4d3fc273a712cada41abdd87b138a6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb3062f9905c7c6f159cd203f5fdfe64
bcf17c475a27fae03369d1677dc0bedf6793e6b2
33dc1a810207f498c28b764cc26afa00b16594629ae6777957ccffd8e2c51f8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9432
x-amzn-requestid: 2835c1c8-0a8e-4985-be89-d641d5425971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph50HONIAMF3vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d0b-53c6156514cdb1a463add03b;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W-sMN_GmKTzpALbkiDZq8bZCcXYVECeDSeEx0HgBtoobNoxZfsNjEQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:50:27 GMT
age: 85907
etag: "bcf17c475a27fae03369d1677dc0bedf6793e6b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYm3Isapf3670wIeWAet4FHx_jth_lxT3hNJONRFP-fyEUdrxL4-8w==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 12:37:32 GMT
age: 32682
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51f29fa68742d72a5ad8ad54a973424d
4941e01c8718adfe7ce13d551e80549236e561df
83b4e946e058ae662e559703f64896ce4c5de969045cf8e3e00806297eab0007
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6895
x-amzn-requestid: 9367b7b5-6904-4308-85ca-69231b2d6fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXnqzFBlIAMFcQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b95311-5774375508659511014974c0;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 11:10:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Tb0vCOED6eMc1HvWajlgvsw9cM3LqmmPrhZtcMrfo7u5srSt0aGwHw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:44:10 GMT
age: 86284
etag: "4941e01c8718adfe7ce13d551e80549236e561df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e514f1b711f68a1699f9d0d269ca9a8a
71621fabcc4ae2a8c3180e22e63fac1217c4032f
cc10cadc4477cc6faa1973343b9019b1b4bc94e5ec9fab114a4b755f24872f35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9697
x-amzn-requestid: 8ddac5a8-5cab-44fc-9706-b97e1ae49330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eoXRyEfoIAMFg4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c005a4-496708b278b5629672c73223;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 13:05:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1ILOk1G4LPzNuLV1y463WAyAVpuosyMCEelNeymdH5rtl91xJ3E98w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 05:53:40 GMT
age: 56914
etag: "71621fabcc4ae2a8c3180e22e63fac1217c4032f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba61442e6ededd7b49f6244613df0e63
385f45b5920174ca20bcc2d9c02eedb4641f48a9
5e5cd1fd026dc72d0c3c5032fbae17f3383c64ee2714808c892c094353f31012
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5990
x-amzn-requestid: 54a83ca0-eb61-4212-8c98-e1e182b860ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsZiEeBoAMF7kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2770-3565b4d43d28ee3c0fd16ed0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7P8dm7TtmszFi3AYz0m93ONL-tmAjRI-dsBe2gMbXJ3mud2dr35Lyg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 03:21:49 GMT
age: 66025
etag: "385f45b5920174ca20bcc2d9c02eedb4641f48a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/common/ipnotice/
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e48f445945991cf5746cef255d8f607c
d63fbf370f8bf73f250e8d201aabf2c72cc4eac5
3c2ca84144af24bee15989e9d8f88768503e508656d92ce0778863096013daa9
GET /common/ipnotice/ HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash d9c2c81bad072a3ed93d3b2f7b2b237d
03fb7653408edf6076fbc244aaa47611d0ffdf2a
210f0aa2799c149e9045dbf9f5da4cf0977e70a235127a4f65d9755b6f34e439
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 17 Jan 2023 19:56:12 GMT
ETag: "03fb7653408edf6076fbc244aaa47611d0ffdf2a"
Last-Modified: Fri, 13 Jan 2023 19:56:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1246
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78914cf68927b503-OSL
12803.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 21:15:27 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=591564,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 789125b8bc148fe6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673644527
via: cache2.l2de2[0,0,304-0,H], cache17.l2de2[0,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0], cache1.se1[2,0]
age: 1607
x-cache: HIT TCP_MEM_HIT dirn:1:299013577
x-swift-savetime: Fri, 13 Jan 2023 21:26:43 GMT
x-swift-cachetime: 1124
timing-allow-origin: *, *
eagleid: 2ff62c9516736461348215393e, 2ff62c9516736461348215393e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 21:15:27 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=591564,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 789125b8bc148fe6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673644527
via: cache2.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache4.se1[0,0,200-0,H], cache4.se1[3,0], cache8.se1[6,0]
age: 1607
x-cache: HIT TCP_MEM_HIT dirn:11:73708451
x-swift-savetime: Fri, 13 Jan 2023 21:26:43 GMT
x-swift-cachetime: 1124
timing-allow-origin: *, *
eagleid: 2ff62c9c16736461348214554e, 2ff62c9c16736461348214554e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 21:15:27 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=591564,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 789125b8bc148fe6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673644527
via: cache2.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0], cache7.se1[4,0]
age: 1607
x-cache: HIT TCP_MEM_HIT dirn:11:73708451
x-swift-savetime: Fri, 13 Jan 2023 21:26:43 GMT
x-swift-cachetime: 1124
timing-allow-origin: *, *
eagleid: 2ff62c9b16736461348255395e, 2ff62c9b16736461348255395e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 21:15:27 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=591564,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 789125b8bc148fe6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673644527
via: cache2.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0], cache8.se1[3,0]
age: 1607
x-cache: HIT TCP_MEM_HIT dirn:11:73708451
x-swift-savetime: Fri, 13 Jan 2023 21:26:43 GMT
x-swift-cachetime: 1124
timing-allow-origin: *, *
eagleid: 2ff62c9c16736461348214553e, 2ff62c9c16736461348214553e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 21:15:27 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=591564,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 789125b8bc148fe6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673644527
via: cache2.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache4.se1[0,0,200-0,H], cache4.se1[0,0], cache7.se1[3,0]
age: 1607
x-cache: HIT TCP_MEM_HIT dirn:11:73708451
x-swift-savetime: Fri, 13 Jan 2023 21:26:43 GMT
x-swift-cachetime: 1124
timing-allow-origin: *, *
eagleid: 2ff62c9b16736461348245394e, 2ff62c9b16736461348245394e
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 3ece21982cf0bed95804c30258d40258
115e222029413bb4f858961dab299bcaec87e4ce
d0c4e38fe8adacbe670f09caba3f9b3389189b46f739eed235fdd8b6abad817a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 17 Jan 2023 18:54:08 GMT
ETag: "115e222029413bb4f858961dab299bcaec87e4ce"
Last-Modified: Fri, 13 Jan 2023 18:54:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1274
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78914cf6ece5b4f1-OSL
12803.url.tudown.com/uploads/images/966864.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/966864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/966864.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1077395654,3347505086&fm=253&fmt=auto&app=120&f=JPEG?w=200&h=200
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
180.101.198.239 200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461A70130303428621A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 40
ali-swift-global-savetime: 1658930273
via: cache74.l2cn3037[0,0,304-0,H], cache20.l2cn3037[1,0], vcache5.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 14715861
x-cache: HIT TCP_MEM_HIT dirn:10:232409100
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551817
timing-allow-origin: *
eagleid: b465c62616736461348163079e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
180.101.198.239 200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Sat, 30 Jul 2022 05:24:34 GMT
x-oss-request-id: 62E4C092E38C983934309E2A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 25
ali-swift-global-savetime: 1659158674
via: cache2.l2cn2656[0,0,304-0,H], cache35.l2cn2656[0,0], vcache1.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 14487460
x-cache: HIT TCP_MEM_HIT dirn:10:270045207
x-swift-savetime: Wed, 03 Aug 2022 04:14:12 GMT
x-swift-cachetime: 15210622
timing-allow-origin: *
eagleid: b465c62616736461348163081e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
180.101.198.239 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Wed, 27 Jul 2022 13:56:57 GMT
x-oss-request-id: 62E144290FAF3430362AB6AF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 173
ali-swift-global-savetime: 1658930217
via: cache16.l2cn3037[0,0,304-0,H], cache75.l2cn3037[1,0], vcache7.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 14715917
x-cache: HIT TCP_MEM_HIT dirn:11:431973436
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551761
timing-allow-origin: *
eagleid: b465c62616736461348163080e
X-Firefox-Spdy: h2
union2.50bang.org/js/duoteall
180.101.190.124 200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash 78dd6e204de7965d270c7ee295125050
e658dcc42319458a14373cabfa93e71c74751752
46b34a5172235dbf7d5e550f7f716757fa27f959efd3a7728b3141b1e025b83a
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Length: 370
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
119.96.204.250 200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 119.96.204.250:0
ASN #58563 CHINANET Hubei province network
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Fri, 13 Jan 2023 20:54:11 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Fri, 13 Jan 2023 20:54:11 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1673643251
via: cache20.l2cn1836[0,0,200-0,H], cache2.l2cn1836[0,0], cache8.cn6[0,0,200-0,H], cache20.cn6[1,0]
age: 2883
x-cache: HIT TCP_MEM_HIT dirn:9:342716523
x-swift-savetime: Fri, 13 Jan 2023 20:54:41 GMT
x-swift-cachetime: 3570
timing-allow-origin: *
eagleid: 7760cc9616736461349385303e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/139808.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/139808.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/139808.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=930554859,850887514&fm=253&app=120&f=JPEG?w=1422&h=800
12803.url.tudown.com/uploads/images/217479.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/217479.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/217479.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=87452581,1115832899&fm=253&fmt=auto?w=1280&h=800
12803.url.tudown.com/uploads/images/75242.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/75242.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/75242.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=574344514,839866552&fm=253&fmt=auto&app=138&f=GIF?w=500&h=429
12803.url.tudown.com/uploads/images/756792.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/756792.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/756792.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4188189071,4249964542&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=325
12803.url.tudown.com/uploads/images/720618.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/720618.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/720618.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2772027019,3292979538&fm=253&fmt=auto&app=138&f=JPEG?w=407&h=500
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
180.101.198.239 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Tue, 18 Oct 2022 08:31:25 GMT
x-oss-request-id: 634E645DC8A4583832C601BC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 142
ali-swift-global-savetime: 1666081885
via: cache78.l2cn3037[0,0,304-0,H], cache49.l2cn3037[1,0], vcache17.cn4732[0,0,200-0,H], vcache18.cn4732[3,0]
age: 7564249
x-cache: HIT TCP_MEM_HIT dirn:9:301135434
x-swift-savetime: Tue, 18 Oct 2022 08:48:07 GMT
x-swift-cachetime: 15550998
timing-allow-origin: *
eagleid: b465c62616736461348163082e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
180.101.198.239 200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461DC81703736A9B209
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 33
ali-swift-global-savetime: 1658930273
via: cache19.l2cn3037[0,0,304-0,H], cache2.l2cn3037[0,0], vcache23.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 14715861
x-cache: HIT TCP_MEM_HIT dirn:11:21940263
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551817
timing-allow-origin: *
eagleid: b465c62616736461348173083e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
180.101.198.239 200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E144616F52933834F154DF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 86
ali-swift-global-savetime: 1658930273
via: cache39.l2cn3037[0,0,304-0,H], cache72.l2cn3037[1,0], vcache15.cn4732[0,0,200-0,H], vcache18.cn4732[1,0]
age: 14715861
x-cache: HIT TCP_MEM_HIT dirn:10:247805955
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551817
timing-allow-origin: *
eagleid: b465c62616736461348193085e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
180.101.198.239 200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Wed, 27 Jul 2022 14:00:56 GMT
x-oss-request-id: 62E1451844A24C3331B8E6EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 53
ali-swift-global-savetime: 1658930456
via: cache67.l2cn3037[164,164,304-0,M], cache39.l2cn3037[166,0], vcache3.cn4732[0,0,200-0,H], vcache18.cn4732[1,0]
age: 14715678
x-cache: HIT TCP_MEM_HIT dirn:9:181936673
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62616736461348193086e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
180.101.198.239 200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,304-0,H], cache76.l2cn3037[0,0], vcache21.cn4732[0,0,200-0,H], vcache18.cn4732[1,0]
age: 3005612
x-cache: HIT TCP_MEM_HIT dirn:9:35026318
x-swift-savetime: Sat, 10 Dec 2022 03:04:45 GMT
x-swift-cachetime: 15551037
timing-allow-origin: *
eagleid: b465c62616736461348223087e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
180.101.198.239 200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Tue, 06 Dec 2022 22:52:39 GMT
x-oss-request-id: 638FC7B7AEF36B30351D8998
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 112
ali-swift-global-savetime: 1670367159
via: cache80.l2cn3037[87,86,304-0,M], cache20.l2cn3037[89,0], vcache15.cn4732[0,0,200-0,H], vcache18.cn4732[1,0]
age: 3278976
x-cache: HIT TCP_MEM_HIT dirn:4:773595770
x-swift-savetime: Tue, 06 Dec 2022 22:52:39 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62616736461350543180e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
180.101.198.239 200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Wed, 07 Dec 2022 22:38:17 GMT
x-oss-request-id: 639115D9EBE1D337378BAB5F
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 93
ali-swift-global-savetime: 1670452697
via: cache6.l2cn3037[0,0,304-0,H], cache22.l2cn3037[1,0], vcache17.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 3193438
x-cache: HIT TCP_MEM_HIT dirn:10:259663521
x-swift-savetime: Wed, 07 Dec 2022 23:34:46 GMT
x-swift-cachetime: 15548611
timing-allow-origin: *
eagleid: b465c62616736461350543182e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
180.101.198.239 200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Sun, 16 Oct 2022 07:04:46 GMT
x-oss-request-id: 634BAD0E0FAF34313397FCF8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 132
ali-swift-global-savetime: 1665903886
via: cache52.l2cn3047[0,0,304-0,H], cache28.l2cn3047[1,0], vcache7.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 7742249
x-cache: HIT TCP_MEM_HIT dirn:9:109913209
x-swift-savetime: Tue, 18 Oct 2022 05:04:17 GMT
x-swift-cachetime: 15386429
timing-allow-origin: *
eagleid: b465c62616736461350543184e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
180.101.198.239 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Fri, 09 Dec 2022 13:25:13 GMT
x-oss-request-id: 63933739960DF237391E4EA8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 46
ali-swift-global-savetime: 1670592313
via: cache35.l2cn3037[0,0,304-0,H], cache40.l2cn3037[1,0], vcache14.cn4732[0,0,200-0,H], vcache18.cn4732[2,0]
age: 3053822
x-cache: HIT TCP_MEM_HIT dirn:11:15204520
x-swift-savetime: Fri, 09 Dec 2022 14:08:59 GMT
x-swift-cachetime: 15549374
timing-allow-origin: *
eagleid: b465c62616736461350543181e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/758273.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/758273.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/758273.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=211515418,587469737&fm=253&app=138&f=JPEG?w=708&h=500
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.248 404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.248:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Fri, 13 Jan 2023 21:42:15 GMT
ali-swift-global-savetime: 1673646135
via: cache78.l2cn3037[30,30,404-1280,M], cache26.l2cn3037[32,0], cache26.l2cn3037[32,0], vcache27.cn4733[76,75,404-1280,M], vcache28.cn4733[77,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Fri, 13 Jan 2023 21:42:15 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c73016736461349653889e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/793884.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/793884.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/793884.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1195511246,1550033194&fm=224&app=112&f=JPEG?w=500&h=459
12803.url.tudown.com/uploads/images/503707.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/503707.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/503707.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2097519798,3357258687&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
static.mediav.com/js/mvf_g2.js
101.198.192.8 200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Sat, 14 Jan 2023 02:42:15 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
12803.url.tudown.com/uploads/images/633751.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/633751.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/633751.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
12803.url.tudown.com/uploads/images/329992.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/329992.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/329992.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3672185411,1753875471&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=217
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48 200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 16 Jan 2023 02:00:19 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 64336
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: JT6BkvVLE9azBPO/DzyM7YxGrIXhgA5dvh7eappSaehhbpZwAXTf8t2hHCCbT5PKQBm7He3SXz5sqguLRbgK1Q==
x-bce-request-id: 010843bc-3dd7-4dcd-8bdf-0ab184bc4b71
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 02:00:19 GMT
Ohc-Cache-HIT: wz2ct54 [2], nb2ctcache77 [1]
Ohc-Response-Time: 1 0 0 0 0 0
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5b94c0648153a97963759599907d19bb
d2fe22fc0092aba047a2960630bddb4033083818
afaf429b95d541c5d3f6f7f1c918090c05357299b093022ebad4aa63e01d97e9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 21:26:44 GMT
last-modified: Thu, 12 Jan 2023 04:39:52 GMT
expires: Thu, 19 Jan 2023 04:39:51 GMT
etag: "d2fe22fc0092aba047a2960630bddb4033083818"
cache-control: max-age=595549,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78913642bdf45c44-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673645204
via: cache9.l2de2[41,40,304-0,M], cache9.l2de2[41,0], cache8.se1[0,0,200-0,H], cache4.se1[0,0], cache1.se1[2,0]
age: 931
x-cache: HIT TCP_MEM_HIT dirn:11:252918452
x-swift-savetime: Fri, 13 Jan 2023 21:26:44 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516736461356726089e, 2ff62c9516736461356726089e
static.mediav.com/js/mvf_pm_slider.js
101.198.192.8 200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Sat, 14 Jan 2023 02:42:15 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
12803.url.tudown.com/uploads/images/209949.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/209949.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209949.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/397063.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/397063.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/397063.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500
12803.url.tudown.com/uploads/images/753277.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/753277.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/753277.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/99637.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/99637.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/99637.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2472231518,133345511&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/917895.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/917895.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/917895.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash f572e40031a864868228e062394436a5
bf39b5b55901ff90861c8048d8b18b35480c64b8
a99b20a90f638fd6cf4b740e01cf050d0dbcc7667559703478f763c0c898cb9f
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Fri, 13 Jan 2023 21:42:15 GMT
Etag: db13fbf6681e121678e421f559c3fc80
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7D0CCB23A0F091D6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12803.url.tudown.com/uploads/images/867568.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/867568.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/867568.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=933824084,3800450290&fm=253&fmt=auto&app=138&f=JPEG?w=379&h=500
union2.50bang.org/web/duoteall?uId2=TUTQUPVLQS&r=&fBL=1280*1024
180.101.190.124 200 OK 0 B URL HTTP/1.1 union2.50bang.org/web/duoteall?uId2=TUTQUPVLQS&r=&fBL=1280*1024
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/duoteall?uId2=TUTQUPVLQS&r=&fBL=1280*1024 HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uidFlag=1; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uUid=1A4463C1D037000E001204480004; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTL=1; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTT=1673646135; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8
push.zhanzhang.baidu.com/push.js
182.61.201.94 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 13 Jan 2023 21:42:15 GMT
Etag: "4078521116"
Expires: Sat, 13 Jan 2024 21:42:15 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=07080FD5F613F7FD988CAA144DA0BC3C:FG=1; max-age=31536000; expires=Sat, 13-Jan-24 21:42:15 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12803.url.tudown.com/uploads/images/635769.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/635769.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/635769.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2370324824,2854383975&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/237361.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/237361.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/237361.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4245460473,4190097722&fm=253&fmt=auto?w=1422&h=800
12803.url.tudown.com/uploads/images/397302.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/397302.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/397302.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500
12803.url.tudown.com/uploads/images/129736.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/129736.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/129736.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3893129934,3957262186&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=3575150506,2920052522&fm=253&app=120&f=JPEG?w=1422&h=800
36.99.3.35 200 OK 94 kB URL HTTP/1.1 img0.baidu.com/it/u=3575150506,2920052522&fm=253&app=120&f=JPEG?w=1422&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash 4ea5fdd7deab9eaa787bd7cf99d5b5c8
6873f93f9a6fe0625ee5baad33a07c9dff83accc
d6cd04188d4afa5c021d801419c76edd1ee3ab937b0a1f86b7d45fd71ea0ba7f
GET /it/u=3575150506,2920052522&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpeg
Content-Length: 94351
Connection: keep-alive
Expires: Fri, 03 Feb 2023 12:46:35 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4ea5fdd7deab9eaa787bd7cf99d5b5c8
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 12:46:35 GMT
Ohc-Cache-HIT: ly4ct97 [1], bdix248 [2]
Ohc-File-Size: 94351
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/284424.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/284424.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/284424.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
img1.baidu.com/it/u=3099533072,2498808162&fm=253&app=120&f=JPEG?w=800&h=800
36.99.3.35 200 OK 64 kB URL HTTP/1.1 img1.baidu.com/it/u=3099533072,2498808162&fm=253&app=120&f=JPEG?w=800&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Hash 265c05bc9d673481a7d294848c4e2bb8
575f8c9d53e30bd61451c89519fdb5ecf4f0ee6f
e2d6890a90a995a349c659be55b598a78b50f7a42c579d1f92dc45e7df477e9d
GET /it/u=3099533072,2498808162&fm=253&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpeg
Content-Length: 64342
Connection: keep-alive
Expires: Sun, 05 Feb 2023 20:15:51 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 265c05bc9d673481a7d294848c4e2bb8
Age: 165359
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 20:15:51 GMT
Ohc-Cache-HIT: ly4ct52 [4], csix52 [2]
Ohc-File-Size: 64342
X-Cache-Status: HIT
img1.baidu.com/it/u=211515418,587469737&fm=253&app=138&f=JPEG?w=708&h=500
36.99.3.35 200 OK 61 kB URL HTTP/1.1 img1.baidu.com/it/u=211515418,587469737&fm=253&app=138&f=JPEG?w=708&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 708x500, components 3\012- data
Hash 4ad52be1c550abee02fe8c699e6df3c6
33aa68742fac518e100543dc7be1ea334b14ee22
51075afb7ec49c24d69062255a6d0853fa74da9be5ebdd928b16414c0bb586ca
GET /it/u=211515418,587469737&fm=253&app=138&f=JPEG?w=708&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpeg
Content-Length: 60969
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:29:18 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 4ad52be1c550abee02fe8c699e6df3c6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:29:18 GMT
Ohc-Cache-HIT: ly4ct84 [1], qdix129 [2]
Ohc-File-Size: 60969
X-Cache-Status: MISS
img2.baidu.com/it/u=2422648981,3530671427&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
42.81.98.35 200 OK 72 kB URL HTTP/2 img2.baidu.com/it/u=2422648981,3530671427&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c68c37d9d46619d9cdc84103511b74de
b6ca91e8c123109df04a81788bf9e6bc040e9748
81222d3fc2f08893100ba28daf7b8b096178953284dc122b20a79e6f24297023
GET /it/u=2422648981,3530671427&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:15 GMT
content-type: image/webp
content-length: 72252
expires: Sat, 21 Jan 2023 12:44:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c68c37d9d46619d9cdc84103511b74de
age: 162459
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:44:31 GMT
ohc-cache-hit: tj5ct50 [4], suzix118 [4]
ohc-file-size: 72252
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1077395654,3347505086&fm=253&fmt=auto&app=120&f=JPEG?w=200&h=200
42.81.98.35 200 OK 10 kB URL HTTP/2 img2.baidu.com/it/u=1077395654,3347505086&fm=253&fmt=auto&app=120&f=JPEG?w=200&h=200
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ab6700b1776098e31d62cc39f7d7772
bef9b9b7ab26b5b00ea955d9076928f662a318b2
f997c02340abd7ba4b27f08d822aa6dfe119d046f1b0484bff75568e984a5bd8
GET /it/u=1077395654,3347505086&fm=253&fmt=auto&app=120&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:15 GMT
content-type: image/webp
content-length: 9966
expires: Wed, 01 Feb 2023 11:08:37 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 9ab6700b1776098e31d62cc39f7d7772
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 11:08:37 GMT
ohc-cache-hit: tj5ct60 [1], bdix116 [2]
ohc-file-size: 9966
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/724466.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/724466.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/724466.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1902177438&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=13290&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&tt=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1902177438&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=13290&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&tt=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1902177438&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=13290&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&tt=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 13 Jan 2023 21:42:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BBA29A0824C9039A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img1.baidu.com/it/u=3365056600,3575916010&fm=253&fmt=auto&app=138&f=JPEG?w=441&h=500
36.99.3.35 200 OK 44 kB URL HTTP/2 img1.baidu.com/it/u=3365056600,3575916010&fm=253&fmt=auto&app=138&f=JPEG?w=441&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 441x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 154ba2c7b3d5438a4ad98329202dfe30
254e649685a27575a335b2ac380a890dd2fffcf0
de93a2f65a5ead3d32c5be8c5241856e7223e9b3c584bf745098ff45c05db8be
GET /it/u=3365056600,3575916010&fm=253&fmt=auto&app=138&f=JPEG?w=441&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:15 GMT
content-type: image/webp
content-length: 44116
expires: Sat, 14 Jan 2023 02:49:09 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 154ba2c7b3d5438a4ad98329202dfe30
age: 4235
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 15 Dec 2022 02:49:09 GMT
ohc-cache-hit: ly4ct86 [4], czix86 [4]
ohc-file-size: 44116
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4188189071,4249964542&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=325
36.99.3.35 200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=4188189071,4249964542&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=325
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x325, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dbbe8e2068e235c8308f361c5285661e
1d1604e6777cc899bfa6c4c747ca4f9fa6925091
c3edd25cd068ccb41f04a421a662edb051f358c67f28cb25f27efc502689322e
GET /it/u=4188189071,4249964542&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=325 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:15 GMT
content-type: image/webp
content-length: 21868
expires: Sat, 21 Jan 2023 13:49:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: dbbe8e2068e235c8308f361c5285661e
age: 77771
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 13:49:35 GMT
ohc-cache-hit: ly4ct80 [4], xaix199 [4]
ohc-file-size: 21868
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/77301.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/77301.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/77301.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1914632911,3493831096&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/285571.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/285571.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/285571.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724
12803.url.tudown.com/uploads/images/784837.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/784837.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/784837.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834
12803.url.tudown.com/uploads/images/991615.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/991615.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/991615.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1239492830,149497284&fm=224&app=112&f=JPEG?w=419&h=500
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
101.226.28.225 200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 101.226.28.225:0
ASN #4812 China Telecom Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:50 GMT
x-oss-request-id: 63B54CAE8873C53939421D90
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 18
Ali-Swift-Global-Savetime: 1672826030
Via: cache45.l2cn1807[0,0,200-0,H], cache50.l2cn1807[0,0], vcache15.cn4757[0,0,200-0,H], vcache15.cn4757[1,0]
Age: 820106
X-Cache: HIT TCP_MEM_HIT dirn:10:251523674
X-Swift-SaveTime: Wed, 04 Jan 2023 09:55:49 GMT
X-Swift-CacheTime: 15551881
Timing-Allow-Origin: *
EagleId: 65e21ca316736461360591553e
12803.url.tudown.com/uploads/images/478929.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/478929.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/478929.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
img0.baidu.com/it/u=930554859,850887514&fm=253&app=120&f=JPEG?w=1422&h=800
36.99.3.35 200 OK 141 kB URL HTTP/1.1 img0.baidu.com/it/u=930554859,850887514&fm=253&app=120&f=JPEG?w=1422&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 141 kB (140608 bytes)
Hash 1b9d63b6fcbb97aad830b5bd9679a0c5
de61f8dfacab359392375decec78d63b05c515c6
cd323d0c376ed2ce3298a79b578b3bf7594ca83cfb8a6e2721026db239b78148
GET /it/u=930554859,850887514&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpeg
Content-Length: 140608
Connection: keep-alive
Expires: Fri, 03 Feb 2023 09:02:52 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 1b9d63b6fcbb97aad830b5bd9679a0c5
Age: 172547
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 09:02:52 GMT
Ohc-Cache-HIT: ly4ct81 [4], csix81 [4]
Ohc-File-Size: 140608
X-Cache-Status: HIT
img0.baidu.com/it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35 200 OK 127 kB URL HTTP/1.1 img0.baidu.com/it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 127 kB (126576 bytes)
Hash 303474373e2ad55e86ae6a428743c24e
ee6f840c982cd138de4c93fd5843cbeefb8fde75
e55990a1260dc57c1e56f00c689970e5fd1dd624cb30791aa95ddc53b07fcf15
GET /it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:15 GMT
Content-Type: image/jpeg
Content-Length: 126576
Connection: keep-alive
Expires: Tue, 31 Jan 2023 07:16:03 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 303474373e2ad55e86ae6a428743c24e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 07:16:03 GMT
Ohc-Cache-HIT: ly4ct71 [1], wzix71 [2]
Ohc-File-Size: 126576
X-Cache-Status: MISS
img0.baidu.com/it/u=574344514,839866552&fm=253&fmt=auto&app=138&f=GIF?w=500&h=429
36.99.3.35 200 OK 95 kB URL HTTP/2 img0.baidu.com/it/u=574344514,839866552&fm=253&fmt=auto&app=138&f=GIF?w=500&h=429
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type GIF image data, version 89a, 500 x 429\012- data
Hash d734f974e0e9e28f7ae691cd4b207452
7d6d8dc9486cdf8d668883ca3d52e60ed0594a8b
9e748bbad34920f3428ccd2e1b1bfad4af0c3526bb56657abf16b0e90236b701
GET /it/u=574344514,839866552&fm=253&fmt=auto&app=138&f=GIF?w=500&h=429 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/gif
content-length: 94618
expires: Wed, 25 Jan 2023 20:46:24 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d734f974e0e9e28f7ae691cd4b207452
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 20:46:23 GMT
ohc-cache-hit: ly4ct87 [1], xaix87 [2]
ohc-file-size: 94618
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/720329.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/720329.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/720329.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=87452581,1115832899&fm=253&fmt=auto?w=1280&h=800
36.99.3.35 200 OK 70 kB URL HTTP/2 img1.baidu.com/it/u=87452581,1115832899&fm=253&fmt=auto?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55f03c2823b41ab9d8ace9b9b867294e
ea8bce4031a6d0846f5f15b8e5e331993db824c1
a2c332ae016d1d83579591165b52bf5047db463227b8a2fa44883ce98c87c9b7
GET /it/u=87452581,1115832899&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 70076
expires: Sun, 29 Jan 2023 06:58:31 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 55f03c2823b41ab9d8ace9b9b867294e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 06:58:31 GMT
ohc-cache-hit: ly4ct84 [1], xiangyix84 [2]
ohc-file-size: 70076
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/38047.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/38047.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/38047.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=605626764,3456147288&fm=253&app=138&f=PNG?w=500&h=800
12803.url.tudown.com/uploads/images/347742.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/347742.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/347742.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/551663.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/551663.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/551663.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2122648483,1370232110&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/686609.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/686609.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/686609.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3193813298,1643864883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=821
img0.baidu.com/it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724
36.99.3.35 200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x724, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36aecafc1bc4a0385ee0a4659ba9bba3
c6264e91b9124663e27d33f4c62e0a2d5ea87f07
bf6adab3414b9aaf1650da464a4da1d8142aa43505f00966fcfff3407c39a3f1
GET /it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 27208
expires: Sun, 22 Jan 2023 03:42:00 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 36aecafc1bc4a0385ee0a4659ba9bba3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 03:42:00 GMT
ohc-cache-hit: ly4ct104 [1], qdix199 [2]
ohc-file-size: 27208
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
36.99.3.35 200 OK 4.9 kB URL HTTP/2 img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b48caf6eb2d56562133a6a70d8f1c91
5fed66abdb48f24fd3475905c334e8a200a1e286
7b1e156ec616de69786788f83d4d63397928fbe26d32e7fcba7226d26283b597
GET /it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 4872
expires: Sun, 22 Jan 2023 21:06:41 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 2b48caf6eb2d56562133a6a70d8f1c91
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 21:06:41 GMT
ohc-cache-hit: ly4ct93 [1], qdix200 [2]
ohc-file-size: 4872
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/windows@34_147488.exe
112.34.113.148 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/windows@34_147488.exe
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12803.url.tudown.com/down/windows@34_147488.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 13 Jan 2023 21:42:16 GMT
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35 200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 13 Jan 2023 22:10:44 GMT
Last-Modified: Thu, 15 Dec 2022 11:35:46 GMT
ETag: "639b0692-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 1892
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 21:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [2]
Ohc-File-Size: 191
X-Cache-Status: HIT
img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
42.81.98.35 200 OK 177 kB URL HTTP/2 img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
IP 42.81.98.35:0
File type GIF image data, version 89a, 640 x 467\012- data
Size 177 kB (176756 bytes)
Hash 78d856590b8f34140b86bbd2917d585a
55bcae5ff46d488361a69e454dff3f8628539220
4e6de07ab997c5e735ded37c27205c4b45fe5ea0afb65061ba38c3521764422a
GET /it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:15 GMT
content-type: image/gif
content-length: 176756
expires: Tue, 24 Jan 2023 00:52:59 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 78d856590b8f34140b86bbd2917d585a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 00:52:59 GMT
ohc-cache-hit: tj5ct66 [2], bdix164 [2]
ohc-file-size: 176756
x-cache-status: MISS
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.207 200 OK 8.5 kB URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.207:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type ASCII text, with very long lines (19539), with no line terminators
Hash 8c9a8471fd452ad62ba9741eb02cbf8a
2dfb0b720f9b5dc297b7189de9c88dbc10a947bf
3aad7994de5aaec666798c9830444dfa180cd635f273ebe064588c9f23257a2d
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Fri, 13 Jan 2023 21:42:15 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1673646135
via: cache1.l2de2[521,521,304-0,M], cache3.l2de2[523,0], cache8.se1[604,604,200-0,H], cache3.se1[608,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:1:235818532
x-swift-savetime: Fri, 13 Jan 2023 21:42:15 GMT
x-swift-cachetime: 600
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9716736461347175263e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/902736.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/902736.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/902736.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2998665562,3342192277&fm=253&fmt=auto?w=200&h=200
img2.baidu.com/it/u=2772027019,3292979538&fm=253&fmt=auto&app=138&f=JPEG?w=407&h=500
42.81.98.35 200 OK 34 kB URL HTTP/2 img2.baidu.com/it/u=2772027019,3292979538&fm=253&fmt=auto&app=138&f=JPEG?w=407&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 407x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ae9a1de3b9280a33e2bca1b32c9e83a
09e70985a527afcb0ee321838516d062d54d2fe9
7c2bc6c00f2806ec7e36b390deb16756be792867af19963834a60d4590c2f706
GET /it/u=2772027019,3292979538&fm=253&fmt=auto&app=138&f=JPEG?w=407&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 34358
expires: Fri, 20 Jan 2023 18:21:40 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 6ae9a1de3b9280a33e2bca1b32c9e83a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 18:21:40 GMT
ohc-cache-hit: tj5ct58 [1], wzix100 [2]
ohc-file-size: 34358
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
42.81.98.35 200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5779b329ce463d84a8694defee3c2746
ff32e95d154474473845f007fe654aa4ad842861
ef409016a3ba78c5357c5ca0173358c2424e3d4f60a409be5ff2eb822e893376
GET /it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 37966
expires: Sat, 21 Jan 2023 06:13:05 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5779b329ce463d84a8694defee3c2746
age: 515627
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 06:13:05 GMT
ohc-cache-hit: tj5ct67 [4], xaix143 [4]
ohc-file-size: 37966
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=933824084,3800450290&fm=253&fmt=auto&app=138&f=JPEG?w=379&h=500
36.99.3.35 200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=933824084,3800450290&fm=253&fmt=auto&app=138&f=JPEG?w=379&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 379x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c600c17b6e18450b0065da8687523e1c
a33d82b1fdb8577fade67719e3e054c88baef729
9ea752fc08ddc691de2ba78eaeb699bafe72ccaae6a5e0908eb38a6d3709c050
GET /it/u=933824084,3800450290&fm=253&fmt=auto&app=138&f=JPEG?w=379&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 22322
expires: Sat, 21 Jan 2023 07:47:17 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c600c17b6e18450b0065da8687523e1c
age: 9388
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 07:47:17 GMT
ohc-cache-hit: ly4ct73 [4], bdix73 [4]
ohc-file-size: 22322
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500
42.81.98.35 200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 814x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b77a6663cf2e680e861a3713bdbb9f8
28f8238dc4b0484169215a41ea580548208c64b3
1af95284389bd8ceafa81a19d9da3d652e952e5189bccf1703b8b509566c230c
GET /it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 25964
expires: Thu, 19 Jan 2023 04:35:43 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 4b77a6663cf2e680e861a3713bdbb9f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 04:35:43 GMT
ohc-cache-hit: tj5ct53 [1], xiangyix179 [2]
ohc-file-size: 25964
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2097519798,3357258687&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
36.99.3.35 200 OK 47 kB URL HTTP/2 img1.baidu.com/it/u=2097519798,3357258687&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68424797afdcf9d485506e8fede3b031
156285d0058daf6acd3994403cc4cc34c4b6583c
3f607cfba57d47d6ae470182142f802f0e59b36b21bfe5572a49c5f32d8ade5d
GET /it/u=2097519798,3357258687&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 46886
expires: Fri, 20 Jan 2023 07:08:49 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 68424797afdcf9d485506e8fede3b031
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 07:08:49 GMT
ohc-cache-hit: ly4ct82 [1], czix200 [2]
ohc-file-size: 46886
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/622087.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/622087.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/622087.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1071458562,882838428&fm=224&app=112&f=JPEG?w=500&h=500
bdcode.2345.com/bfczdht.js
42.81.8.130 200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/bfczdht.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /bfczdht.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Fri, 13 Jan 2023 22:42:16 GMT
Last-Modified: Wed, 27 Jul 2022 03:39:59 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0e87b3809ad37de-143
Server: yunjiasu
img2.baidu.com/it/u=4245460473,4190097722&fm=253&fmt=auto?w=1422&h=800
42.81.98.35 200 OK 203 kB URL HTTP/2 img2.baidu.com/it/u=4245460473,4190097722&fm=253&fmt=auto?w=1422&h=800
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 203 kB (202786 bytes)
Hash 448041bc2032753d01f2ab518e682faf
b418e5ee48688c1e2de9586c66d0a4f1f5520321
c2c380f70465780459db1b9490c3133b41032f9eb8ae5e26aa125f8d3d1f0c0b
GET /it/u=4245460473,4190097722&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 202786
expires: Sat, 21 Jan 2023 07:49:37 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 448041bc2032753d01f2ab518e682faf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 07:49:37 GMT
ohc-cache-hit: tj5ct63 [2], bdix200 [2]
ohc-file-size: 202786
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
42.81.98.35 200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 317b84b87d6007a4be98dd37b4bd756c
45031e9560e38df0099c4b3a50661781ec57c578
0b7678b1873b71cebe7bbbe1331ae6201854213f38b9ac64b9670d1a8354aa72
GET /it/u=2415912351,2158051787&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 12534
expires: Tue, 24 Jan 2023 11:50:42 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 317b84b87d6007a4be98dd37b4bd756c
age: 114154
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 11:50:42 GMT
ohc-cache-hit: tj5ct54 [4], xiangyix231 [4]
ohc-file-size: 12534
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 102 kB URL HTTP/1.1 img2.baidu.com/it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 102 kB (101653 bytes)
Hash cca482b62048b875b4a47c3d6d24bb09
882853f40b3b14c710ccc2a083dd8941d69c7815
c4e54099cdab4399cd5b64bd0d5d1893334207cc680d195242ecbbaa3851eb27
GET /it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpeg
Content-Length: 101653
Connection: keep-alive
Expires: Tue, 07 Feb 2023 14:30:43 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: cca482b62048b875b4a47c3d6d24bb09
Age: 152137
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 14:30:43 GMT
Ohc-Cache-HIT: ntct50 [4], wzix99 [2]
Ohc-File-Size: 101653
X-Cache-Status: HIT
img2.baidu.com/it/u=2472231518,133345511&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 97 kB URL HTTP/1.1 img2.baidu.com/it/u=2472231518,133345511&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 5f70dd701e8b9ff2148f948ceec6a796
e14998644c8df475b4a8a8a8dbdd6b730ffa8c21
e88030b027602c07579bc20cb565c58ecbe9a688188563ecea76a56f119c6e94
GET /it/u=2472231518,133345511&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpeg
Content-Length: 97220
Connection: keep-alive
Expires: Sat, 04 Feb 2023 18:59:37 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5f70dd701e8b9ff2148f948ceec6a796
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 18:59:37 GMT
Ohc-Cache-HIT: ntct64 [1], bdix179 [2]
Ohc-File-Size: 97220
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/404023.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/404023.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/404023.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281
img2.baidu.com/it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834
42.81.98.35 200 OK 47 kB URL HTTP/2 img2.baidu.com/it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x834, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eda17e7c429bc0e90da34c8242c1ed44
79492e4dfecf5adf6f4776dee308bd2ec9d32346
19bfca240bcfa2360770ab8290b998ad8b5ebe04c8fb9fb8402fca348028b8c8
GET /it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 46596
expires: Wed, 08 Feb 2023 16:05:26 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: eda17e7c429bc0e90da34c8242c1ed44
age: 164737
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 16:05:26 GMT
ohc-cache-hit: tj5ct66 [4], csix85 [2]
ohc-file-size: 46596
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/327159.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/327159.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/327159.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12803.url.tudown.com/uploads/images/900965.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/900965.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/900965.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2598962451,1485475895&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/832484.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/832484.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/832484.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1798960028,2072623724&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
42.81.98.35 200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 362x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6cb185f6e2a411477206a0ab37c20d91
c2aca4f8c75338f9ccb7dcef33d25c32f86cedc0
b076c2f0e0c535a143abdaeebc7b9d97e534b9c79604eb8a3f6ecae0f9d8292e
GET /it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 42052
expires: Mon, 23 Jan 2023 09:10:57 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 6cb185f6e2a411477206a0ab37c20d91
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 09:10:57 GMT
ohc-cache-hit: tj5ct65 [1], xiangyix103 [2]
ohc-file-size: 42052
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35 200 OK 154 kB URL HTTP/1.1 img0.baidu.com/it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 154 kB (154234 bytes)
Hash c5b5892f42da7ecc3be2b997e89bff86
3394682d07078dc4aea97b6bad70b6a6a49724fe
2663dfecb4c615594440fa13db850d6c8fa2525d7f76686ce3e3c246848516a7
GET /it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpeg
Content-Length: 154234
Connection: keep-alive
Expires: Sun, 12 Feb 2023 18:51:11 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: c5b5892f42da7ecc3be2b997e89bff86
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 18:51:11 GMT
Ohc-Cache-HIT: ly4ct96 [2], xaix96 [4]
Ohc-File-Size: 154234
X-Cache-Status: MISS
img1.baidu.com/it/u=2998665562,3342192277&fm=253&fmt=auto?w=200&h=200
36.99.3.35 200 OK 7.7 kB URL HTTP/2 img1.baidu.com/it/u=2998665562,3342192277&fm=253&fmt=auto?w=200&h=200
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da3cbed4fd3c8faef763ff3b3a3268cc
6ee0b85f030d8c312803ce285a2670ad0b14f8c1
bdc01d48f2766c0440c7f306e2b03f93d24c89f422d054b75dd5ca197e5334fb
GET /it/u=2998665562,3342192277&fm=253&fmt=auto?w=200&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 7734
expires: Sun, 22 Jan 2023 23:15:56 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: da3cbed4fd3c8faef763ff3b3a3268cc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 23:15:56 GMT
ohc-cache-hit: ly4ct58 [1], qdix58 [2]
ohc-file-size: 7734
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3193813298,1643864883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=821
42.81.98.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=3193813298,1643864883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=821
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x821, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a917826a21f9f3779c15179b24f442d
68e06580deb747432cd3818a44f1f977a90ba6ee
fb38fb09abfde858804329f6f831852463fc1b44e2ff928e0927ab723595b1fe
GET /it/u=3193813298,1643864883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=821 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:16 GMT
content-type: image/webp
content-length: 30154
expires: Mon, 23 Jan 2023 13:27:08 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 3a917826a21f9f3779c15179b24f442d
age: 163378
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 13:27:08 GMT
ohc-cache-hit: tj5ct65 [4], xaix81 [2]
ohc-file-size: 30154
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/759510.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/759510.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/759510.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1811547784,2806101989&fm=253&app=120&f=JPEG?w=1280&h=800
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3112804583&s2=1605146331&ltu=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&dc=3&ti=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673646118&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673646119&dtm=HTML_POST&tpr=1673646118886&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=553f0fe9947b0d11&fpt=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f&dft=0&ft=1
182.61.200.109 200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3112804583&s2=1605146331&ltu=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&dc=3&ti=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673646118&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673646119&dtm=HTML_POST&tpr=1673646118886&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=553f0fe9947b0d11&fpt=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6890)
Hash 415b88b8ae65d12564002fdb75d19067
9add1a5c81afc7df81682e9e3946cc0e6d024394
2ca74e360074b24250ab173dc91671b235d4e2608a6149a0734263a419367f2a
GET /s?wid=910&hei=120&di=u4965894&s1=3112804583&s2=1605146331&ltu=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&dc=3&ti=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673646118&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673646119&dtm=HTML_POST&tpr=1673646118886&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=553f0fe9947b0d11&fpt=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 13 Jan 2023 21:42:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Jan 14 05:42:16 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=EC2EFBCC2ADE20FC956FA83A5C5FDC3B:FG=1; expires=Sat, 13-Jan-54 21:42:16 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 12976
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156 204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12803.url.tudown.com/
Origin: http://12803.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12803.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Fri, 13 Jan 2023 21:42:17 GMT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/392384.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/392384.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/392384.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1608103718,1285232501&fm=224&app=112&f=JPEG?w=350&h=350
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-5f9ffc9a2411862b34423b6355ec020e3308ce6e&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&t=1673646119923&r=init
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-5f9ffc9a2411862b34423b6355ec020e3308ce6e&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&t=1673646119923&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-5f9ffc9a2411862b34423b6355ec020e3308ce6e&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&t=1673646119923&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Fri, 13 Jan 2023 21:42:17 GMT
content-length: 0
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281
42.81.98.35 200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb0f9d4f16a280d3492d2bc5d1dacf65
74bba69d2e0a57820c58bcac18c3e81d457b1d41
cd6c8963679910c29f430a5e56ee3c65a515cd9f9058df642ff761f3b03d54eb
GET /it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 13432
expires: Sun, 22 Jan 2023 02:19:21 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: cb0f9d4f16a280d3492d2bc5d1dacf65
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 02:19:21 GMT
ohc-cache-hit: tj5ct66 [1], bdix154 [4]
ohc-file-size: 13432
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
36.99.3.35 200 OK 13 kB URL HTTP/2 img1.baidu.com/it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e905ed82df93f06db20785cef8db54d
f4513f2026d2fbedd1b8146e78c881d30c45fa54
c52d3c370b581a72105e0f514c99cc64fab2dc42f060057b7705b7c1d3639819
GET /it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 13216
expires: Sun, 05 Feb 2023 06:02:59 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6e905ed82df93f06db20785cef8db54d
age: 168000
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 06:02:59 GMT
ohc-cache-hit: ly4ct55 [4], czix171 [2]
ohc-file-size: 13216
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2598962451,1485475895&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=2598962451,1485475895&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c8864fa86fb108b12bab5463e245cdd
1cc467a5cd066a9318709dc503f8fc4037b8cdbe
7f1a55b4b9c021336c87026d480ee932b61a283ce1cb11775b9a3ca9ac3718be
GET /it/u=2598962451,1485475895&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 31902
expires: Mon, 23 Jan 2023 04:33:50 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 1c8864fa86fb108b12bab5463e245cdd
age: 133264
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 04:33:50 GMT
ohc-cache-hit: ly4ct50 [4], xiangyix109 [4]
ohc-file-size: 31902
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1811547784,2806101989&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 103 kB URL HTTP/1.1 img2.baidu.com/it/u=1811547784,2806101989&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 103 kB (103018 bytes)
Hash 15187c28bea386723143ce9e8166072e
773c282ba885b6e1511dc0223189dc2a3bbe9721
bfe281a28fa0e188f61ae45d9af1068fe74023dfc044e9a2c6c2d9007b3325a0
GET /it/u=1811547784,2806101989&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 103018
Connection: keep-alive
Expires: Sun, 05 Feb 2023 04:46:11 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 15187c28bea386723143ce9e8166072e
Age: 352430
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 04:46:11 GMT
Ohc-Cache-HIT: ntct62 [4], bdix125 [4]
Ohc-File-Size: 103018
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/42647.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/42647.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/42647.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/204445.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/204445.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/204445.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3820140341,4077877270&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=641
12803.url.tudown.com/uploads/images/886366.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/886366.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/886366.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3667100021,3808589473&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583
12803.url.tudown.com/uploads/images/42624.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/42624.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/42624.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3888737525,4124342825&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/73222.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/73222.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/73222.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=2051997067&s2=2903435358<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&dc=3&ti=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673646118&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673646119&dtm=HTML_POST&tpr=1673646118886&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=553f0fe9947b0d11&fpt=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f&dft=0&ft=1
182.61.200.109200 OK 15 kB URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=2051997067&s2=2903435358<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&dc=3&ti=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673646118&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673646119&dtm=HTML_POST&tpr=1673646118886&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=553f0fe9947b0d11&fpt=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36969)
Hash 91fd529c90031717cb5822da31cc31a6
6d33cc5558dbcf7ac476f3ab9f84cef3d23bd4a7
908f0ed493fca4572ffb814fc4eae683e77a15899fd088521638fd10f4b817e1
GET /s?wid=890&hei=200&di=u5039524&s1=2051997067&s2=2903435358<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&dc=3&ti=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BA%E4%B8%8B%E8%BD%BD%E7%BD%91%E5%9D%80app(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673646118&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673646119&dtm=HTML_POST&tpr=1673646118886&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=553f0fe9947b0d11&fpt=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 13 Jan 2023 21:42:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Jan 14 05:42:16 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=EC2EFBCC2ADE20FC5363CC4C3D7F00E2:FG=1; expires=Sat, 13-Jan-54 21:42:16 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14767
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156 200 OK 591 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with very long lines (591), with no line terminators
Hash 876039da376a844d340418f6592fa54f
87506cb43e0d3560b482e8e3044571e05e53c56c
c769cae49676f721f773a8fadb08dbe3852c3124ed42b6dd8771adc2f4743338
POST /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
X-Bdh5-Pf: 1
Content-Length: 3258
Origin: http://12803.url.tudown.com
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12803.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Fri, 13 Jan 2023 21:42:17 GMT
content-length: 591
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/542138.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/542138.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/542138.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
img2.baidu.com/it/u=3820140341,4077877270&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=641
42.81.98.35 200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=3820140341,4077877270&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=641
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x641, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c63c8a5e2ce51b1c23afd8909cd38ec
2c4383f65d108a9ff3cde4d4cf83182d27ffd1d9
9624688b5c674a31d040b60a903135ed4b0d76faefe0f72f6d42dc470363a8f4
GET /it/u=3820140341,4077877270&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=641 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 17040
expires: Sun, 22 Jan 2023 08:55:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 4c63c8a5e2ce51b1c23afd8909cd38ec
age: 141408
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 08:55:48 GMT
ohc-cache-hit: tj5ct50 [4], czix236 [2]
ohc-file-size: 17040
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3667100021,3808589473&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583
36.99.3.35 200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=3667100021,3808589473&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x583, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b5a4e3d97736cdedc46964c6304dd8ec
bc5a34d6e20d8b7f1b2ef48afd034518ce1b72dd
c2588f216eca0a157e8c0c38edcbde652d3b7cdac65d0a8a4582f7780bff10e0
GET /it/u=3667100021,3808589473&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 14778
expires: Wed, 25 Jan 2023 04:23:24 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: b5a4e3d97736cdedc46964c6304dd8ec
age: 124334
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 04:23:24 GMT
ohc-cache-hit: ly4ct75 [4], xiangyix75 [4]
ohc-file-size: 14778
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2122648483,1370232110&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 126 kB URL HTTP/1.1 img2.baidu.com/it/u=2122648483,1370232110&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 126 kB (126002 bytes)
Hash 2e499d899c73832b1acbc32dd93214f5
477d823a93b493526b4e1025d4f6f40fc1f9d297
01c0cf08d40018fa96fc31ba98eddaae1c1822fdc67b77c606c93fafaf830bbc
GET /it/u=2122648483,1370232110&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/jpeg
Content-Length: 126002
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:13:52 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2e499d899c73832b1acbc32dd93214f5
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 01:13:52 GMT
Ohc-Cache-HIT: ntct52 [1], czix194 [2]
Ohc-File-Size: 126002
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/32674.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/32674.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/32674.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2699172341,4068553794&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
12803.url.tudown.com/uploads/images/258881.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/258881.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/258881.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4207279856,3562824755&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/790264.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/790264.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/790264.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2861404262,3859527954&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/204366.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/204366.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/204366.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2059088624,704716120&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
bdsearch.2345.com/auto_ds?uiz=u&utz=Vv&ugk=hih-&wgk=CRL+0Na_0ggEDs3fFjHG+yhzQIM1CwCsE6MG6RlsfK2ajgrf9lgrwCNhHODQJaFr-XcjCoFyx35X9Kw+Qvw2w8IN9.D22T.zRvOb3-Y.Hkh9.ouiO2QHK2iMab-r4Brfg1ZzrRxYgoNLD9nmint7bHGtjk9jfQLbll6R4rTdbLjij8g_y68f_pc.1OkTknopiEShpM7eZxsHGr9mQ0FEgJDeknA2xPgoAznbTF0N_dIgwO/Ln.A_y6+n4FXplXt37o+XHDF60Cn64ieA1Qkc+li.Y5yb1Hd334atGwmS.DZq6g53dGN4avi7vtPCElt0Y60zY_9s_ANM-p1/ebT2o61sIHoJ-aKD6Ekc9lwBX/IxRHMD_XzBm2tkPdMjf660_r+h8PcIuEx_dOCSMTNP9K&kz=W80W58W5xW83W31W42W8zW42W2vW8zW5uW56W80W30W49W8yW54W54W8yW52W25W82W57W57W81W57W3vW8zW37W2uXjj(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33VcimWw9W8zW48W23W8zW27W3xWw9W80W23W25W80W36W54W81W23W22XjjW8yW52W25W82W57W57Py2v0WU1w21z&ttv=nlo-&gifk=w&uz=u&in=3x3>j=vw02r3x3&llzu=zY1uXz2Yyxv0xY12&vtu=v&rr=v&umz=uWUu&urz=u&ckl=bnnjWx4Ww9Ww9vw2uxWUolfWUno_iqhWUZigWw9_iqhWw9qch_iqmWyuxyUvy1y22WU-r-&rek=u&kte=v01x0y0vv3&tvt=ON9V2&gzj=VvrVv&uzj=u&uij=v&uwk=u&gjj=vw02rwzz2&twm=u&gjz=zzx.u.-33y1Yu_vv&kcd=v01x0y0vv2&kgi=v01x0y0vv2220&tyz=v&ukd=4ONIUDMIHJ&uts=UUUYXc_oUohcihUZXffYXZe&ut=y&vogj=vvuuvv&tgc=u&mvi=vwwv&vel=-hZi_cha&usm=u&gj=uru&riz=w&ji=vw2urvuwy<=vw2urvuuw
42.81.8.129200 OK 78 B URL HTTP/2 bdsearch.2345.com/auto_ds?uiz=u&utz=Vv&ugk=hih-&wgk=CRL+0Na_0ggEDs3fFjHG+yhzQIM1CwCsE6MG6RlsfK2ajgrf9lgrwCNhHODQJaFr-XcjCoFyx35X9Kw+Qvw2w8IN9.D22T.zRvOb3-Y.Hkh9.ouiO2QHK2iMab-r4Brfg1ZzrRxYgoNLD9nmint7bHGtjk9jfQLbll6R4rTdbLjij8g_y68f_pc.1OkTknopiEShpM7eZxsHGr9mQ0FEgJDeknA2xPgoAznbTF0N_dIgwO/Ln.A_y6+n4FXplXt37o+XHDF60Cn64ieA1Qkc+li.Y5yb1Hd334atGwmS.DZq6g53dGN4avi7vtPCElt0Y60zY_9s_ANM-p1/ebT2o61sIHoJ-aKD6Ekc9lwBX/IxRHMD_XzBm2tkPdMjf660_r+h8PcIuEx_dOCSMTNP9K&kz=W80W58W5xW83W31W42W8zW42W2vW8zW5uW56W80W30W49W8yW54W54W8yW52W25W82W57W57W81W57W3vW8zW37W2uXjj(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33VcimWw9W8zW48W23W8zW27W3xWw9W80W23W25W80W36W54W81W23W22XjjW8yW52W25W82W57W57Py2v0WU1w21z&ttv=nlo-&gifk=w&uz=u&in=3x3>j=vw02r3x3&llzu=zY1uXz2Yyxv0xY12&vtu=v&rr=v&umz=uWUu&urz=u&ckl=bnnjWx4Ww9Ww9vw2uxWUolfWUno_iqhWUZigWw9_iqhWw9qch_iqmWyuxyUvy1y22WU-r-&rek=u&kte=v01x0y0vv3&tvt=ON9V2&gzj=VvrVv&uzj=u&uij=v&uwk=u&gjj=vw02rwzz2&twm=u&gjz=zzx.u.-33y1Yu_vv&kcd=v01x0y0vv2&kgi=v01x0y0vv2220&tyz=v&ukd=4ONIUDMIHJ&uts=UUUYXc_oUohcihUZXffYXZe&ut=y&vogj=vvuuvv&tgc=u&mvi=vwwv&vel=-hZi_cha&usm=u&gj=uru&riz=w&ji=vw2urvuwy<=vw2urvuuw
IP 42.81.8.129:0
File type ASCII text, with no line terminators
Hash 40fa2bcfefddb8a4e0491a851a9eaa71
f4a8f7e31abe0915094484e0f3f39f18df47f790
b5d1ecd2fddd88159d7ea84b5dc4671138c333af6d77d35d5767105c7dc2d787
GET /auto_ds?uiz=u&utz=Vv&ugk=hih-&wgk=CRL+0Na_0ggEDs3fFjHG+yhzQIM1CwCsE6MG6RlsfK2ajgrf9lgrwCNhHODQJaFr-XcjCoFyx35X9Kw+Qvw2w8IN9.D22T.zRvOb3-Y.Hkh9.ouiO2QHK2iMab-r4Brfg1ZzrRxYgoNLD9nmint7bHGtjk9jfQLbll6R4rTdbLjij8g_y68f_pc.1OkTknopiEShpM7eZxsHGr9mQ0FEgJDeknA2xPgoAznbTF0N_dIgwO/Ln.A_y6+n4FXplXt37o+XHDF60Cn64ieA1Qkc+li.Y5yb1Hd334atGwmS.DZq6g53dGN4avi7vtPCElt0Y60zY_9s_ANM-p1/ebT2o61sIHoJ-aKD6Ekc9lwBX/IxRHMD_XzBm2tkPdMjf660_r+h8PcIuEx_dOCSMTNP9K&kz=W80W58W5xW83W31W42W8zW42W2vW8zW5uW56W80W30W49W8yW54W54W8yW52W25W82W57W57W81W57W3vW8zW37W2uXjj(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33VcimWw9W8zW48W23W8zW27W3xWw9W80W23W25W80W36W54W81W23W22XjjW8yW52W25W82W57W57Py2v0WU1w21z&ttv=nlo-&gifk=w&uz=u&in=3x3>j=vw02r3x3&llzu=zY1uXz2Yyxv0xY12&vtu=v&rr=v&umz=uWUu&urz=u&ckl=bnnjWx4Ww9Ww9vw2uxWUolfWUno_iqhWUZigWw9_iqhWw9qch_iqmWyuxyUvy1y22WU-r-&rek=u&kte=v01x0y0vv3&tvt=ON9V2&gzj=VvrVv&uzj=u&uij=v&uwk=u&gjj=vw02rwzz2&twm=u&gjz=zzx.u.-33y1Yu_vv&kcd=v01x0y0vv2&kgi=v01x0y0vv2220&tyz=v&ukd=4ONIUDMIHJ&uts=UUUYXc_oUohcihUZXffYXZe&ut=y&vogj=vvuuvv&tgc=u&mvi=vwwv&vel=-hZi_cha&usm=u&gj=uru&riz=w&ji=vw2urvuwy<=vw2urvuuw HTTP/1.1
Host: bdsearch.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: application/javascript;charset=UTF-8
date: Fri, 13 Jan 2023 21:42:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Jan 14 05:42:17 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: yunjiasu
x-xss-protection: 0
yjs-id: c0e87b3e60ae37e5-143
content-length: 78
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/876827.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/876827.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/876827.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=605626764,3456147288&fm=253&app=138&f=PNG?w=500&h=800
49.79.225.35 200 OK 460 kB URL HTTP/1.1 img2.baidu.com/it/u=605626764,3456147288&fm=253&app=138&f=PNG?w=500&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type PNG image data, 500 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 460 kB (459560 bytes)
Hash e3f9adb19eaaa8b1ba1d177d9aec5b8e
6c834503e551c9682a5e52fa9633ce100753666c
7795d032bd528401dbf65026c47a72977b58bf1bd4987b70abbe2b76e1f98dc8
GET /it/u=605626764,3456147288&fm=253&app=138&f=PNG?w=500&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:16 GMT
Content-Type: image/png
Content-Length: 459560
Connection: keep-alive
Expires: Sun, 29 Jan 2023 18:32:59 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: e3f9adb19eaaa8b1ba1d177d9aec5b8e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 18:32:59 GMT
Ohc-Cache-HIT: ntct65 [1], suzix214 [2]
Ohc-File-Size: 459560
X-Cache-Status: MISS
img1.baidu.com/it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800
36.99.3.35 200 OK 51 kB URL HTTP/1.1 img1.baidu.com/it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7fe7940f299ab3855ef0e05889f7a2b3
6bffb912c361216094c4b02f494879ac5c3deb81
3b1bb42b9e7e1a007e0f939b7de32c8e5aa466121772603671d553fc986936f7
GET /it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/webp
Content-Length: 50598
Connection: keep-alive
Expires: Thu, 19 Jan 2023 07:21:25 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7fe7940f299ab3855ef0e05889f7a2b3
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 20 Dec 2022 07:21:25 GMT
Ohc-Cache-HIT: ly4ct82 [1], bdix142 [2]
Ohc-File-Size: 50598
X-Cache-Status: MISS
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-5f9ffc9a2411862b34423b6355ec020e3308ce6e&9=0&10=0&11=1591&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&t=1673646121605&r=lo
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-5f9ffc9a2411862b34423b6355ec020e3308ce6e&9=0&10=0&11=1591&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&t=1673646121605&r=lo
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-5f9ffc9a2411862b34423b6355ec020e3308ce6e&9=0&10=0&11=1591&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2Fwindows%4034_147488.exe&t=1673646121605&r=lo HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Fri, 13 Jan 2023 21:42:17 GMT
content-length: 0
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1239492830,149497284&fm=224&app=112&f=JPEG?w=419&h=500
185.10.104.124 200 OK 18 kB URL HTTP/1.1 t14.baidu.com/it/u=1239492830,149497284&fm=224&app=112&f=JPEG?w=419&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 419x500, components 3\012- data
Hash 9269dbd08c33a0b240f553bed496b3c6
ed20583bc12afd7e90bb6ac563b6390e2de0bcba
f0217f892578f399ba516f8a3350d3303f4dc6f230e3abe2bcb0db9457f84bba
GET /it/u=1239492830,149497284&fm=224&app=112&f=JPEG?w=419&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 17793
Connection: keep-alive
Expires: Tue, 17 Jan 2023 00:37:25 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 9269dbd08c33a0b240f553bed496b3c6
Age: 421954
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 18 Dec 2022 00:37:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache52 [4], xaix207 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 17793
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1195511246,1550033194&fm=224&app=112&f=JPEG?w=500&h=459
185.10.104.124 200 OK 22 kB URL HTTP/1.1 t14.baidu.com/it/u=1195511246,1550033194&fm=224&app=112&f=JPEG?w=500&h=459
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x459, components 3\012- data
Hash dcecc50c597c8d08ec1b417d587b5e14
f6b80a2fa78401ee329bcf583b4984f6fc615142
7cc26f0fb52c641b62530136c687b2cbcb17ecd57688ece003aeb89c5ddff269
GET /it/u=1195511246,1550033194&fm=224&app=112&f=JPEG?w=500&h=459 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 22154
Connection: keep-alive
Expires: Wed, 08 Feb 2023 10:18:42 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: dcecc50c597c8d08ec1b417d587b5e14
Age: 172649
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 10:18:42 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache58 [4], xaix74 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 22154
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3888737525,4124342825&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 24 kB URL HTTP/1.1 t13.baidu.com/it/u=3888737525,4124342825&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cc33b58e37817be6bd7687ca797a37d5
536eb056daee71aff854e83c4319967756bec865
0165be971c25bd7d3c4103514a083d6c21aaebb84d5ca3978ae605e4ea5f8343
GET /it/u=3888737525,4124342825&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 24442
Connection: keep-alive
Expires: Mon, 30 Jan 2023 01:14:52 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: cc33b58e37817be6bd7687ca797a37d5
Age: 174805
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 01:14:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache52 [1], qdix230 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24442
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1608103718,1285232501&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 22 kB URL HTTP/1.1 t15.baidu.com/it/u=1608103718,1285232501&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 1e49cfacb07fe7a19ff7fa7aefb18103
9cb4a670e206e59a61510a19e96854e0d9df7e72
120b4b71f6c5a251fe949960d31d65480c292229a897350d28b8bb8bdb87d02c
GET /it/u=1608103718,1285232501&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 22223
Connection: keep-alive
Expires: Sun, 05 Feb 2023 09:10:01 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 1e49cfacb07fe7a19ff7fa7aefb18103
Age: 207333
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 09:10:01 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache60 [1], bdix60 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 22223
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500
185.10.104.124 200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 499x500, components 3\012- data
Hash 205ac7ebbbacf0824cdc852650d974a4
62aebb5ceaa6d5cead66ddbe80eeb872f0a08273
a667912464ea471621105e8b9af0759f4b642291de5d9b115a463a36afb12a32
GET /it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 37548
Connection: keep-alive
Expires: Sat, 11 Feb 2023 05:01:19 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 205ac7ebbbacf0824cdc852650d974a4
Age: 11000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 05:01:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache62 [1], wzix82 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37548
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 45 kB URL HTTP/1.1 t13.baidu.com/it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a8b0ba19033aac508e41bd0274b13e31
4d1405fe6d7b2ceedd1fb61e38706f63b1c3db86
1ee45b0f31a05e386f6fedbc1debed2bca6291b52d4848b1c75d1c22fd7949a3
GET /it/u=400271853,960095199&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 44956
Connection: keep-alive
Expires: Sat, 21 Jan 2023 03:05:40 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: a8b0ba19033aac508e41bd0274b13e31
Age: 1967797
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 22 Dec 2022 03:05:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [1], csix60 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44956
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c3cc02f5c7bc1ef778e8c5f6b23f2032
9787e7675aa9c1b73b97a80dfd098b926cfe8438
4370dc238ccfbf4f5cc17f00fefdd7df2ce0e0af1c996b6a96d0f2cc8284b85e
GET /it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 47245
Connection: keep-alive
Expires: Fri, 10 Feb 2023 09:33:21 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: c3cc02f5c7bc1ef778e8c5f6b23f2032
Age: 179320
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 09:33:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache51 [4], bdix106 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47245
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
36.99.3.35 200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cf34726fa4301d9a6aa20ab01c48949
c2e2d62afa7f9ea8c84926317c4e24b9a5ca1550
812b249dbeb71ddf6a9584ee84215a82faaa1934e55b6469b91624c6352fd8e2
GET /it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 15312
expires: Sun, 15 Jan 2023 19:06:01 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5cf34726fa4301d9a6aa20ab01c48949
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 19:06:01 GMT
ohc-cache-hit: ly4ct71 [1], qdix219 [2]
ohc-file-size: 15312
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 32 kB URL HTTP/1.1 t14.baidu.com/it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ef20a07747eb2ffda62be4ab3c1550aa
562b11b8baac781cd519b14b0989e61062f9fa9d
dd457b4e249f747027d5c708d57f57783bb08157d0fd2eb4679050b429728cbb
GET /it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 31669
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:27:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: ef20a07747eb2ffda62be4ab3c1550aa
Age: 175025
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:27:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache64 [4], csix92 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31669
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=2370324824,2854383975&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 41 kB URL HTTP/1.1 t14.baidu.com/it/u=2370324824,2854383975&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fb0f7662bfea77d4e99b81bb3b0c8936
1ba7917683397baad488e5b88454389d241b7ae5
ed99789cd1be83d35afff3539a6114804599ead5f06d7b83b63454eb1efd8baf
GET /it/u=2370324824,2854383975&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 41324
Connection: keep-alive
Expires: Wed, 01 Feb 2023 08:38:00 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: fb0f7662bfea77d4e99b81bb3b0c8936
Age: 170882
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 08:38:00 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache64 [1], xiangyix84 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41324
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1914632911,3493831096&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=1914632911,3493831096&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6972d5cd37eb67b6c536ec4ac67ea21b
9ec3195fec8e81022efeb4ab6f4e2e9bb58ac248
402c6e09d76cd5ed7ea7d9a5c0646cfc3f9ac12f4bff3c17dafb49ae74fb5f05
GET /it/u=1914632911,3493831096&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 37469
Connection: keep-alive
Expires: Thu, 02 Feb 2023 08:58:09 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 6972d5cd37eb67b6c536ec4ac67ea21b
Age: 174525
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 08:58:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache61 [1], xaix223 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37469
X-Cache-Status: HIT
Timing-Allow-Origin: *
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130 200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Fri, 13 Jan 2023 21:42:17 GMT
etag: W/"61eead68-850"
expires: Fri, 13 Jan 2023 22:42:17 GMT
last-modified: Mon, 24 Jan 2022 13:45:12 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c0e87b42646b37de-143
content-length: 783
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2861404262,3859527954&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
42.81.98.35 200 OK 9.2 kB URL HTTP/2 img2.baidu.com/it/u=2861404262,3859527954&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f86d2d97010aeda665a6d35487468fc
9e6389888f1875d7551827ed9a0630aef413b310
aae8f1ec8c2d4ac4cb2949b902d572b15a25a925e55126e817e6deecbd8f3ca1
GET /it/u=2861404262,3859527954&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 9162
expires: Thu, 19 Jan 2023 19:14:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1f86d2d97010aeda665a6d35487468fc
age: 5007
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 19:14:58 GMT
ohc-cache-hit: tj5ct61 [4], czix147 [4]
ohc-file-size: 9162
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/337215.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/337215.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/337215.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=182005145,2180467965&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=3893129934,3957262186&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=3893129934,3957262186&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fcc784a4a5f0c8ad53a9f10ada2d6104
b8398fa466fe5eadb0626f977d077fcacff2e302
bc60547558a20a8c3ffd8f2e3d0a40e2dc49acec2c3360661a33b1f25f7adcf0
GET /it/u=3893129934,3957262186&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 39770
Connection: keep-alive
Expires: Wed, 18 Jan 2023 13:24:19 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: fcc784a4a5f0c8ad53a9f10ada2d6104
Age: 243527
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 19 Dec 2022 13:24:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache57 [1], qdix240 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39770
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 33 kB URL HTTP/1.1 t13.baidu.com/it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1f5fd5e8b92981355b4b2c481c627071
657df8d2d01ff913d920056bbdfb3e8caa52296a
7b1b0dd115f70397a0933816ade60e967d872b089fb0e3b2032eaf504dd65f0e
GET /it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpeg
Content-Length: 32794
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:37:02 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 1f5fd5e8b92981355b4b2c481c627071
Age: 174346
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:37:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache59 [4], csix82 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 32794
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=1798960028,2072623724&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 63 kB URL HTTP/1.1 t13.baidu.com/it/u=1798960028,2072623724&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f6cd26c582bc33b48f586a61da8e0151
de3734040abfac08eec881aa5b73cc40cfefc849
bd9dcf91e7651ea62e1704b2ed80c25c95bd32b2d8ec549eeecab744bdc03976
GET /it/u=1798960028,2072623724&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 63173
Connection: keep-alive
Expires: Fri, 10 Feb 2023 03:41:47 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f6cd26c582bc33b48f586a61da8e0151
Age: 103797
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 03:41:47 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [4], czix67 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 63173
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/360728.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/360728.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/360728.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3530992803,1672132647&fm=253&fmt=auto?w=92&h=69
12803.url.tudown.com/uploads/images/710319.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/710319.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/710319.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=4291934688,3308791100&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/957516.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/957516.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/957516.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3398618868,4038008647&fm=253&fmt=auto?w=1280&h=800
img0.baidu.com/it/u=2699172341,4068553794&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
36.99.3.35 200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=2699172341,4068553794&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 668x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 83e67d50edb74ed975abd9e4b6b6bd5c
599f95de1cf105a977610494b814047b2b7c4be3
1e997c5b975a7bb09f80001673587ef9c1ea491f9aa6c5284e7c7b31cbbec833
GET /it/u=2699172341,4068553794&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 27036
expires: Tue, 31 Jan 2023 03:44:21 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 83e67d50edb74ed975abd9e4b6b6bd5c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 03:44:21 GMT
ohc-cache-hit: ly4ct82 [1], csix82 [2]
ohc-file-size: 27036
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2059088624,704716120&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
36.99.3.35 200 OK 7.1 kB URL HTTP/2 img0.baidu.com/it/u=2059088624,704716120&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash febdbfab95d0f07da133023dde6c2b5b
a03558ef2477fab9c508232cc1744b85ed8ed63b
699a7039502eb8855d66084432791aaf859ddcbfcf0e078e8e8f602372499e76
GET /it/u=2059088624,704716120&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:17 GMT
content-type: image/webp
content-length: 7090
expires: Sat, 14 Jan 2023 06:23:24 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: febdbfab95d0f07da133023dde6c2b5b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 15 Dec 2022 06:23:24 GMT
ohc-cache-hit: ly4ct81 [1], xaix183 [2]
ohc-file-size: 7090
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/405305.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/405305.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/405305.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
t13.baidu.com/it/u=4291934688,3308791100&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=4291934688,3308791100&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 379831aa6ddae7e19f039f972e9d7a11
bdf612d9cc7dd5c5180fd106fc831e246f231dca
ab98abe2a84d0d2475e7301e15bcf2d0a9904a151e4a6e113aff854b0aa272b7
GET /it/u=4291934688,3308791100&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpeg
Content-Length: 53408
Connection: keep-alive
Expires: Mon, 16 Jan 2023 20:24:40 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 379831aa6ddae7e19f039f972e9d7a11
Age: 167057
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 17 Dec 2022 20:24:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache60 [1], qdix223 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53408
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/215270.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/215270.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/215270.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2657303486,782934363&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
t13.baidu.com/it/u=182005145,2180467965&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 23 kB URL HTTP/1.1 t13.baidu.com/it/u=182005145,2180467965&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a1fe8a4e2b992baa5685912ecd1bb035
d193a65480a503401a622404bc9f431fa5d7deef
048a4390968863a6cecea2a4bdcdc36846a9f9b5d1503e8e38f5776f38490519
GET /it/u=182005145,2180467965&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpeg
Content-Length: 22988
Connection: keep-alive
Expires: Sat, 04 Feb 2023 18:54:15 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: a1fe8a4e2b992baa5685912ecd1bb035
Age: 172983
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 18:54:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache50 [1], qdix132 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 22988
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=4207279856,3562824755&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 66 kB URL HTTP/1.1 t15.baidu.com/it/u=4207279856,3562824755&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 46644c8d39591d346cd660c7ae63ab3a
1d489700e475d98545c4858a18ef6789cb9f4a93
394021276548b44d66c94f192cdad964c72128568c9165a64ad5dc6c9e3869a8
GET /it/u=4207279856,3562824755&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpeg
Content-Length: 66268
Connection: keep-alive
Expires: Sun, 29 Jan 2023 10:03:34 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 46644c8d39591d346cd660c7ae63ab3a
Age: 174833
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 10:03:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache65 [1], qdix184 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 66268
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/679403.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/679403.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/679403.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1282943735,653998252&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=464
12803.url.tudown.com/uploads/images/123756.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/123756.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/123756.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2326297489,1732475146&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/122039.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/122039.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/122039.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653
img0.baidu.com/it/u=3398618868,4038008647&fm=253&fmt=auto?w=1280&h=800
36.99.3.35 200 OK 73 kB URL HTTP/2 img0.baidu.com/it/u=3398618868,4038008647&fm=253&fmt=auto?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f51af58303139966cc9eb619a32d2b5f
18eecda917f58f1b70ee8ac65f601e986768a585
94326a90e243e49b6ac2d8b563aabb4bc482b94afa6baf51177f9219a36de3bc
GET /it/u=3398618868,4038008647&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 72552
expires: Sun, 22 Jan 2023 02:36:06 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f51af58303139966cc9eb619a32d2b5f
age: 152014
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 02:36:06 GMT
ohc-cache-hit: ly4ct68 [4], czix124 [2]
ohc-file-size: 72552
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3530992803,1672132647&fm=253&fmt=auto?w=92&h=69
36.99.3.35 200 OK 916 B URL HTTP/2 img0.baidu.com/it/u=3530992803,1672132647&fm=253&fmt=auto?w=92&h=69
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 678d5b0f2d7c38bd4b59429a0263a1c1
e08478e2fd63518f30aa0aa4937b0fb4ac3eaac2
a2b55b347d318c89cf87b583428b5ded62d7b550dff4396c0eb8b00c942f8f35
GET /it/u=3530992803,1672132647&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 916
expires: Sat, 21 Jan 2023 16:25:47 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 678d5b0f2d7c38bd4b59429a0263a1c1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 16:25:47 GMT
ohc-cache-hit: ly4ct105 [1], xaix105 [2]
ohc-file-size: 916
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
42.81.98.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x540, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5a89c839fa21ba4bbababa34511342f
2de60273a26da90ddbf60410b47f1f42c3709653
52314c6231e808930866c0b1984f1c12ee60667be2a89b8671d0847bac64aba7
GET /it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 29808
expires: Sun, 22 Jan 2023 05:16:35 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: a5a89c839fa21ba4bbababa34511342f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 05:16:35 GMT
ohc-cache-hit: tj5ct61 [1], suzix162 [2]
ohc-file-size: 29808
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2657303486,782934363&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
36.99.3.35 200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=2657303486,782934363&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x312, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0db65424d139f26b61957be78467e0b
fa2c617415dbfec570f194d43b4da41d03e9887a
7ca8ad10778dbade653f809b8fe2456aafb5eda1874ddaebb149d77155f016f1
GET /it/u=2657303486,782934363&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 26990
expires: Sun, 15 Jan 2023 08:32:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f0db65424d139f26b61957be78467e0b
age: 174154
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 08:32:47 GMT
ohc-cache-hit: ly4ct89 [4], qdix142 [2]
ohc-file-size: 26990
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/845593.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/845593.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/845593.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=406931611,662646756&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=979
12803.url.tudown.com/uploads/images/604753.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/604753.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/604753.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=901388,146030078&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/715237.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/715237.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/715237.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 57 kB URL HTTP/1.1 t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cdc24465d02cef5dbf5ff3f9eef95822
f688d3e1c68427475d43888b4821ba4fef52f4ef
c4ee317b1038f857654f2dcb1be0f0d7db69fbf10751dd157e32314b6dd26caa
GET /it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpeg
Content-Length: 56665
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:31:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: cdc24465d02cef5dbf5ff3f9eef95822
Age: 404590
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:31:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache57 [1], xaix200 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56665
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1282943735,653998252&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=464
36.99.3.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1282943735,653998252&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=464
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x464, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 755dd177c2b096b06a70ffc92cb753b8
65810094ca087ec8403db57c69c6f5d70af01f14
1491ed7ad9118fe22aa4bbdf44bbe9401d8de179a8485c8af5e57e8f10efa626
GET /it/u=1282943735,653998252&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=464 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 18030
expires: Sun, 22 Jan 2023 22:59:08 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 755dd177c2b096b06a70ffc92cb753b8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 22:59:08 GMT
ohc-cache-hit: ly4ct73 [1], qdix111 [2]
ohc-file-size: 18030
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653
36.99.3.35 200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x653, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1007529c268977558d20c8b8e446a9f9
396c4c8504506a6d6dd61fbaa338b7b98c4cf26e
eb961773cc85f7a73c18b46a5986331530312a80b883eb87ed9466f08d268ab7
GET /it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 15394
expires: Sun, 22 Jan 2023 14:21:18 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1007529c268977558d20c8b8e446a9f9
age: 165869
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 14:21:18 GMT
ohc-cache-hit: ly4ct95 [4], wzix63 [2]
ohc-file-size: 15394
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/313319.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/313319.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/313319.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800
img1.baidu.com/it/u=2326297489,1732475146&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35 200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=2326297489,1732475146&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f6ef5299bb9a4e1527c94894145f3b5
28edaffa4e7bf70ff6a47b62e1a271930b37861d
48184e25c9afbb1e426be62f205cfdb0a9427f436698c1917fea98948f0c0e75
GET /it/u=2326297489,1732475146&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 26626
expires: Sat, 11 Feb 2023 11:53:06 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 2f6ef5299bb9a4e1527c94894145f3b5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 11:53:06 GMT
ohc-cache-hit: ly4ct85 [1], suzix121 [2]
ohc-file-size: 26626
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/241705.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/241705.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/241705.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=88904505,1873622629&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
12803.url.tudown.com/uploads/images/744002.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/744002.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/744002.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2975693406,847116364&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img1.baidu.com/it/u=901388,146030078&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35 200 OK 18 kB URL HTTP/2 img1.baidu.com/it/u=901388,146030078&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c157c148ceb91b47842da02a62e777a8
1f2d1e33bcb58c3b34b1ac20530e3f08ea34ccd0
9e5535bcac1dd979ebfc72c3535a0b34884cf6233be16f7566bd6a94701bab62
GET /it/u=901388,146030078&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 17812
expires: Wed, 01 Feb 2023 13:35:04 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: c157c148ceb91b47842da02a62e777a8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 13:35:04 GMT
ohc-cache-hit: ly4ct82 [1], csix82 [2]
ohc-file-size: 17812
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=406931611,662646756&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=979
36.99.3.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=406931611,662646756&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=979
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x979, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8d29af1a9ab06f79b5cdf3ed5a77d5d8
a03707b01ed869fc06c137e8c673673e336884ee
a7c6c1dd1df06f17b4be51fdd71d38b555b780d932023c01918fa106837c9275
GET /it/u=406931611,662646756&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=979 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 16092
expires: Thu, 02 Feb 2023 03:54:11 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8d29af1a9ab06f79b5cdf3ed5a77d5d8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:54:11 GMT
ohc-cache-hit: ly4ct102 [1], csix102 [2]
ohc-file-size: 16092
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/534483.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/534483.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/534483.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=413075279,2279158334&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/204139.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/204139.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/204139.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421
12803.url.tudown.com/uploads/images/374864.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/374864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/374864.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4066814996,903916700&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img2.baidu.com/it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800
42.81.98.35 200 OK 50 kB URL HTTP/2 img2.baidu.com/it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d923a9f0d1fa83d845b7aa89e6aa5a6
5e72b1699f86948e30be5aad8627d0a3c15db420
90f384cea3b9b6f204ae18354dc391bedc2f3a735dd55e688e29b4623f71c431
GET /it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 49488
expires: Thu, 26 Jan 2023 13:16:23 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 9d923a9f0d1fa83d845b7aa89e6aa5a6
age: 175
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 13:16:23 GMT
ohc-cache-hit: tj5ct64 [2], wzix70 [2]
ohc-file-size: 49488
x-cache-status: HIT
X-Firefox-Spdy: h2
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130 200 OK 12 kB URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Hash 3f86d1e0b38f7c0c6be60d8ad45a61ca
b5a54b7b92d921e81e9914a2ade2fd14f6503a22
500d9dce8de324b94c2cd76fa50da18ca511e8bde70e0a56132713f5916fd27c
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Fri, 13 Jan 2023 21:42:17 GMT
etag: W/"630ecdaa-371a"
expires: Fri, 13 Jan 2023 22:42:17 GMT
last-modified: Wed, 31 Aug 2022 02:55:38 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c0e87b429f8f37de-143
X-Firefox-Spdy: h2
t15.baidu.com/it/u=413075279,2279158334&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 42 kB URL HTTP/1.1 t15.baidu.com/it/u=413075279,2279158334&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b3e1cadb23ed6571e82ab3a7b6e05057
a035bc8c5f644c2b3c369f8705d8ad1064ae62b4
377148e3980604d7d1c443ce5e10a0bf4c546a4bad8786f3bf358bc9fc7b7d57
GET /it/u=413075279,2279158334&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpeg
Content-Length: 42109
Connection: keep-alive
Expires: Tue, 07 Feb 2023 04:27:34 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: b3e1cadb23ed6571e82ab3a7b6e05057
Age: 173279
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 04:27:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache53 [4], xaix92 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42109
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/606053.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/606053.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/606053.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=280744994,3118369595&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=401
img1.baidu.com/it/u=88904505,1873622629&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
36.99.3.35 200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=88904505,1873622629&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 95b0f2e6307f044bc39b750d533cdad2
68b365a8df13adb3f583f2f8200a7a3912967b30
78aad4bf8d8fad78e54f7e6d3067813a54b25e2acb789370868fa141891148d2
GET /it/u=88904505,1873622629&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 23012
expires: Tue, 24 Jan 2023 02:07:39 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 95b0f2e6307f044bc39b750d533cdad2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 02:07:39 GMT
ohc-cache-hit: ly4ct87 [1], qdix124 [2]
ohc-file-size: 23012
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/963079.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/963079.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/963079.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1289201735,4289421782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=562
img0.baidu.com/it/u=2975693406,847116364&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
36.99.3.35 200 OK 53 kB URL HTTP/2 img0.baidu.com/it/u=2975693406,847116364&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4f77901ce1df785c4fb3d5a988786d4
498111662f356927d27da31b3cf3b56a9994ea30
7d0d2753f5f132f681d920d19914f46e9999c6c4bc246adc7c8208047aa68f91
GET /it/u=2975693406,847116364&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:18 GMT
content-type: image/webp
content-length: 53032
expires: Sat, 21 Jan 2023 06:04:24 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b4f77901ce1df785c4fb3d5a988786d4
age: 15941
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 06:04:24 GMT
ohc-cache-hit: ly4ct82 [4], czix82 [2]
ohc-file-size: 53032
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/860051.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/860051.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/860051.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=766948159,3313120789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=734
12803.url.tudown.com/uploads/images/836001.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/836001.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/836001.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2027264584,2614739660&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=147
12803.url.tudown.com/uploads/images/467235.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/467235.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/467235.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1192263288,423204837&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=63
12803.url.tudown.com/uploads/images/535769.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/535769.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/535769.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3397267350,77117617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
img0.baidu.com/it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421
36.99.3.35 200 OK 143 kB URL HTTP/2 img0.baidu.com/it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1421, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 143 kB (142602 bytes)
Hash 5c790f35ee23fb4b63785b9524940daf
8b7a0483247bb938892c8007d08fa316163c297a
24b8649e793348f8a842dc2c6899a4739eae9e0d3729ed92c9372c8683ef2463
GET /it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 142602
expires: Sun, 15 Jan 2023 14:04:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5c790f35ee23fb4b63785b9524940daf
age: 276799
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 14:04:05 GMT
ohc-cache-hit: ly4ct73 [4], bdix109 [2]
ohc-file-size: 142602
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4066814996,903916700&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
36.99.3.35 200 OK 34 kB URL HTTP/2 img0.baidu.com/it/u=4066814996,903916700&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55cdbd5ed040dd3490e1d657fa83c3eb
7cde4e5afe9ccdfe31ec067254205bb6f280dd70
be92a9aa1e2c0feb5fc11c0a805a8960e28bfe7ee3da39af8f84aca8934ef205
GET /it/u=4066814996,903916700&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 34412
expires: Mon, 23 Jan 2023 02:31:45 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 55cdbd5ed040dd3490e1d657fa83c3eb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 02:31:45 GMT
ohc-cache-hit: ly4ct87 [1], suzix87 [2]
ohc-file-size: 34412
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/716216.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/716216.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/716216.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2513096878,1922659072&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=364
12803.url.tudown.com/uploads/images/478638.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/478638.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/478638.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800
12803.url.tudown.com/uploads/images/534041.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/534041.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/534041.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3961739356,345708010&fm=253&app=120&f=JPEG?w=1280&h=800
img0.baidu.com/it/u=766948159,3313120789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=734
36.99.3.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=766948159,3313120789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=734
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x734, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca29d2db0579931d55381a5e606d30c7
85d1596b3068af21a9dfd80a975e2632d707c9b3
131b48f524143cf6282a80474346bae03d2528e2d7c16557e0a6f01bf14f3346
GET /it/u=766948159,3313120789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=734 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 20408
expires: Tue, 17 Jan 2023 06:37:13 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ca29d2db0579931d55381a5e606d30c7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 18 Dec 2022 06:37:13 GMT
ohc-cache-hit: ly4ct94 [1], xiangyix204 [2]
ohc-file-size: 20408
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=280744994,3118369595&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=401
42.81.98.35 200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=280744994,3118369595&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=401
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x401, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 84c0cda0ed0b8984497bf39e55b7a35a
7415c1fe9b98ec77a541a8ad7175e9478968bb1b
657a22195008ef4493abfde9b7e31783851ce6218032470e4faa995df52aa42a
GET /it/u=280744994,3118369595&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=401 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 44598
expires: Wed, 18 Jan 2023 08:57:25 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 84c0cda0ed0b8984497bf39e55b7a35a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 08:57:25 GMT
ohc-cache-hit: tj5ct66 [1], czix202 [2]
ohc-file-size: 44598
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1289201735,4289421782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=562
42.81.98.35 200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=1289201735,4289421782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=562
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x562, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc5d5c3fbac125bd84839f9e93aee66e
cedd569f4758086b987ab345225ad8de0849274c
1ccdc4ff28fecbb7abdd498ef44c6181f599155edb88b8aa30836e3ccfb88e3c
GET /it/u=1289201735,4289421782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=562 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 19740
expires: Fri, 20 Jan 2023 04:22:23 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: dc5d5c3fbac125bd84839f9e93aee66e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 04:22:23 GMT
ohc-cache-hit: tj5ct53 [1], xaix73 [2]
ohc-file-size: 19740
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2027264584,2614739660&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=147
42.81.98.35 200 OK 5.4 kB URL HTTP/2 img2.baidu.com/it/u=2027264584,2614739660&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=147
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x147, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78d137dbaeefd0d104daaac4c23893de
a51e0beb1d2bdb8d2e93d944fcfc1bdd2d1975d5
486bb0ce5e1e903ae4d722d81f86e49dcbfe0063876d0f8e9d386ffb74e8cfb2
GET /it/u=2027264584,2614739660&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=147 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 5430
expires: Sat, 21 Jan 2023 15:25:40 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 78d137dbaeefd0d104daaac4c23893de
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 15:25:40 GMT
ohc-cache-hit: tj5ct59 [1], suzix158 [2]
ohc-file-size: 5430
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3397267350,77117617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
42.81.98.35 200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=3397267350,77117617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cdf7f6cce53e5f31f0f3e11a77c35c1f
355aab1566d16f3ced4834ae40df9c4a6dc71993
9e66982e7432ae3436434ea319398b62cd783023c049b83ec2612f984434cb7f
GET /it/u=3397267350,77117617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 37710
expires: Sun, 15 Jan 2023 20:36:46 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: cdf7f6cce53e5f31f0f3e11a77c35c1f
age: 159343
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 20:36:46 GMT
ohc-cache-hit: tj5ct65 [4], qdix223 [2]
ohc-file-size: 37710
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1192263288,423204837&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=63
36.99.3.35 200 OK 1.8 kB URL HTTP/2 img0.baidu.com/it/u=1192263288,423204837&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=63
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x63, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78b0ac987338d630d4db50a18e222ea0
c4c61c625bacacacbeaa9649cc58fb6422dec80c
a2b8beb1b40280962bbb2b139cd802bedb01a3911b074edbf7cc1ee31d5ebd29
GET /it/u=1192263288,423204837&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=63 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 1842
expires: Fri, 20 Jan 2023 09:24:53 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 78b0ac987338d630d4db50a18e222ea0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 09:24:53 GMT
ohc-cache-hit: ly4ct104 [1], xaix232 [2]
ohc-file-size: 1842
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/204349.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/204349.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/204349.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/509078.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/509078.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/509078.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1359646874,3799939677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=810
12803.url.tudown.com/uploads/images/329359.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/329359.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/329359.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1381353357,3981865202&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=565
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 21:42:19 GMT
Last-Modified: Fri, 13 Jan 2023 15:48:36 GMT
ETag: "63c17d54-1d7"
Expires: Sun, 15 Jan 2023 15:48:36 GMT
Cache-Control: max-age=151577
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673646139
Via: cache3.l2de2[231,230,200-0,M], cache3.l2de2[232,0], cache7.se1[254,253,200-0,M], cache7.se1[255,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16736461393351090e
img2.baidu.com/it/u=2513096878,1922659072&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=364
42.81.98.35 200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=2513096878,1922659072&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=364
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x364, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47d42bb3b5096ff9370452c410d20f0a
f4ccf2c5adc2d64064a5cf6adf8da25466e3aa44
71304e2ebbdb9edb49322e1d40c841abe14c366eb2571e904265aeb9f3cc8801
GET /it/u=2513096878,1922659072&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=364 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 42270
expires: Sun, 29 Jan 2023 00:02:11 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 47d42bb3b5096ff9370452c410d20f0a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 00:02:11 GMT
ohc-cache-hit: tj5ct65 [1], qdix228 [2]
ohc-file-size: 42270
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/643659.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/643659.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/643659.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2699172341,4068553794&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
12803.url.tudown.com/uploads/images/932470.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/932470.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/932470.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1182276568,2593972833&fm=253&fmt=auto&app=138&f=JPEG?w=633&h=500
12803.url.tudown.com/uploads/images/723637.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/723637.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/723637.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2688352154,3313082588&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=338
img2.baidu.com/it/u=3961739356,345708010&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 133 kB URL HTTP/1.1 img2.baidu.com/it/u=3961739356,345708010&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 133 kB (132966 bytes)
Hash 6957f2e61e5abf5b2333eb150ad325ad
da2754341b52683c5c459c0d673dea83757f2a58
4bed472fa6e07f18e3c611fa60d5043cb5391dcaf50d423106063af74bea39eb
GET /it/u=3961739356,345708010&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpeg
Content-Length: 132966
Connection: keep-alive
Expires: Tue, 24 Jan 2023 09:02:34 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 6957f2e61e5abf5b2333eb150ad325ad
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 09:02:34 GMT
Ohc-Cache-HIT: ntct63 [2], xiangyix238 [4]
Ohc-File-Size: 132966
X-Cache-Status: MISS
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B
IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 21:42:19 GMT
Last-Modified: Fri, 13 Jan 2023 15:48:36 GMT
ETag: "63c17d54-1d7"
Expires: Sun, 15 Jan 2023 15:48:36 GMT
Cache-Control: max-age=151577
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673646139
Via: cache26.l2de2[248,247,200-0,M], cache26.l2de2[250,0], cache1.se1[270,269,200-0,M], cache1.se1[271,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516736461394261022e
img1.baidu.com/it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800
36.99.3.35 200 OK 47 kB URL HTTP/2 img1.baidu.com/it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b204c01c45cabefd79fac98cea1a8273
13c30dbaed0b19e2c72f1f35bafc37595b12ab03
54d3f63285c18782eb771f7c8bc1d4bda29901dbcbbc98b82941c16bc44c8319
GET /it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 46908
expires: Tue, 31 Jan 2023 15:48:26 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: b204c01c45cabefd79fac98cea1a8273
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 15:48:26 GMT
ohc-cache-hit: ly4ct51 [1], csix119 [2]
ohc-file-size: 46908
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
42.81.98.35 200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0865d044b466c86d7ffa015a136afcf2
5c53721169752ea4d82c8b1150030876a4ced814
bb5412922a992e5fe2f504ea479fe772e4334c77ff23b5b81056f0ce49115246
GET /it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 48450
expires: Sat, 04 Feb 2023 03:44:01 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 0865d044b466c86d7ffa015a136afcf2
age: 170993
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 03:44:01 GMT
ohc-cache-hit: tj5ct55 [4], xiangyix159 [2]
ohc-file-size: 48450
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1381353357,3981865202&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=565
36.99.3.35 200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=1381353357,3981865202&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=565
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x565, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 870adae99a16e8fb43ddac8c52e631ee
bce84f4531c8de3f336ca4c9c437d46a9d9a35b3
7fe4ab9054566555bc8071f0137ec28fcbc8344e193c9adb4ed22a79d556d524
GET /it/u=1381353357,3981865202&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=565 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 30056
expires: Sat, 14 Jan 2023 00:07:57 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 870adae99a16e8fb43ddac8c52e631ee
age: 172042
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 15 Dec 2022 00:07:57 GMT
ohc-cache-hit: ly4ct99 [4], xiangyix223 [2]
ohc-file-size: 30056
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/524777.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/524777.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/524777.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=IXR+6Tgd6mmKJy9lLpNM+4n5WOS7I2IyKCSMCXrylQ8gpmxlFrmx2ITnNUJWPgLxeaipIuL439BaFQ2+W1282EOTFfJ88Zf5X1Uh9ebfNqnFfu0oU8WNQ8oSghexAHxlm7c5xX3bmuTRJFtsotzDhNMzpqFplWRhrrCXAxZjhRpopEmd4CEldvif7UqZqtuvoKYnvSDkc3yNMxFsW6LKmPJkqtG83VmuG5thZL6TdjOm2U/RtfGd4C+tALavraz9Du+aNJLC6ItCAokG7Wqi+rofbB4h7Nj99AgzM2sYfJcwCmB9jMTAg1oD1zVIKrz6bC65bdFydGTSev7/khZ8uC7yONuPegQJCKqiFr2Ha/O3XNSJda5Hs8zqVjSplCC6dx+nEViO0K3djUIYSZTVFQ==|Tm6oerZpnhSbz4s5Ue6HlozAwEJcnbK3T4MoXo7B/JA=|10|90b119cde039e70d5e328fa59e10003f
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500
lupic.cdn.bcebos.com/20210629/2004916524_14.jpg
106.225.194.35 200 OK 13 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2004916524_14.jpg
IP 106.225.194.35:0
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash f45634d5f90f67c9c3acc0461e77ef17
77b8b41aeb7de8b06165bfac6af8dfac11a7d951
51f1a672920b0b052f1e0e3b2b273db3b5b903020ad65ea762d3607a244a4b09
GET /20210629/2004916524_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/jpeg
content-length: 13214
expires: Sat, 14 Jan 2023 04:34:13 GMT
last-modified: Tue, 29 Jun 2021 20:43:08 GMT
etag: "f45634d5f90f67c9c3acc0461e77ef17"
age: 234466
accept-ranges: bytes
content-md5: 9FY01fkPZ8nDrMBGHnfvFw==
x-bce-content-crc32: 0
x-bce-debug-id: /TVME/ie2X4GH5l+lNQK4+Nobxi4it3Vect2KcWpQq1nJKwYlmNLdVxmS4w5wX+huetRmmobZTCsTwYIFFjcWA==
x-bce-request-id: cb8d77e3-6dbf-4e7e-86a3-63d0e8ad32d6
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 04:34:13 GMT
ohc-cache-hit: nc3ct51 [2], bdix175 [2]
ohc-file-size: 13214
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1359646874,3799939677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=810
36.99.3.35 200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=1359646874,3799939677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=810
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x810, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0cb6cb32bf94ec54e1b3380d72a3ca0a
fce08b0a6b8fb1400fa31c831049022d69ca6308
a1670033d50383efcd839407d2c27b41aee52fdffd13fc97b0aec75a69897943
GET /it/u=1359646874,3799939677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=810 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 27806
expires: Thu, 26 Jan 2023 05:27:23 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 0cb6cb32bf94ec54e1b3380d72a3ca0a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 05:27:23 GMT
ohc-cache-hit: ly4ct85 [1], wzix85 [2]
ohc-file-size: 27806
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B
IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 21:42:19 GMT
Ali-Swift-Global-Savetime: 1673646139
Via: cache3.l2de2[477,477,200-0,M], cache3.l2de2[478,0], cache2.se1[501,500,200-0,M], cache2.se1[503,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616736461393551042e
t13.baidu.com/it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 31 kB URL HTTP/1.1 t13.baidu.com/it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1d05b5948a15602d79b26d6ff0eed43f
2f47cb7bcaae8cb2ccc6e58064ebe3939826b9a5
2723c4d2db059e74746ea13abe109b4e46bd5d8f187c46a97e776211ee553447
GET /it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:19 GMT
Content-Type: image/jpeg
Content-Length: 30894
Connection: keep-alive
Expires: Sun, 29 Jan 2023 03:50:46 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 1d05b5948a15602d79b26d6ff0eed43f
Age: 174806
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 03:50:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache55 [1], suzix196 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30894
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B
IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 21:42:19 GMT
Ali-Swift-Global-Savetime: 1673646139
Via: cache11.l2de2[479,478,200-0,M], cache11.l2de2[479,0], cache1.se1[500,499,200-0,M], cache1.se1[501,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516736461394111005e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B
IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 21:42:19 GMT
Last-Modified: Fri, 13 Jan 2023 15:48:36 GMT
ETag: "63c17d54-1d7"
Expires: Sun, 15 Jan 2023 15:48:36 GMT
Cache-Control: max-age=151577
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673646139
Via: cache10.l2de2[505,505,200-0,M], cache10.l2de2[506,0], cache3.se1[526,526,200-0,M], cache3.se1[528,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 21:42:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716736461394138931e
img0.baidu.com/it/u=2688352154,3313082588&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=338
36.99.3.35 200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=2688352154,3313082588&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=338
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x338, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1345f01c82ab3bc0d8714184ac539fb
c26916ce51c23eb9e6cf00a8534a37b280af43d1
3fc15765d0c755a447b99fba8ca18fa409e7499dec2f0988a1b608862f21c79c
GET /it/u=2688352154,3313082588&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=338 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 23552
expires: Thu, 02 Feb 2023 02:41:34 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: a1345f01c82ab3bc0d8714184ac539fb
age: 81
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 02:41:34 GMT
ohc-cache-hit: ly4ct101 [4], csix115 [2]
ohc-file-size: 23552
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1182276568,2593972833&fm=253&fmt=auto&app=138&f=JPEG?w=633&h=500
36.99.3.35 200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=1182276568,2593972833&fm=253&fmt=auto&app=138&f=JPEG?w=633&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 633x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 376adf6da6de1361d7821679737601a6
8626499e9f7154d1173e24142cbfa4da5296f676
e9461b829106e6a02be369138bd4a88fa91c3288646f76243ebd2fe74753700c
GET /it/u=1182276568,2593972833&fm=253&fmt=auto&app=138&f=JPEG?w=633&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/webp
content-length: 10486
expires: Tue, 24 Jan 2023 08:19:58 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 376adf6da6de1361d7821679737601a6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 08:19:58 GMT
ohc-cache-hit: ly4ct67 [1], bdix126 [2]
ohc-file-size: 10486
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20191203/3016601033_14.jpg
106.225.194.35 200 OK 47 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3016601033_14.jpg
IP 106.225.194.35:0
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 474x338, components 3\012- data
Hash a27709bc00cead67c82dd1ea0e4c8365
cea12ca631fec53180d5b9ec351eefa1518874fe
626b82102871facf10702a6bb8cd9f8a8480506dba8c1deb37576635c5b69bb4
GET /20191203/3016601033_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/jpeg
content-length: 47080
expires: Sat, 14 Jan 2023 10:53:49 GMT
last-modified: Tue, 03 Dec 2019 07:54:34 GMT
etag: "a27709bc00cead67c82dd1ea0e4c8365"
age: 43389
accept-ranges: bytes
content-md5: oncJvADOrWfILdHqDkyDZQ==
x-bce-content-crc32: 3269727261
x-bce-debug-id: adyLlDj5eUD2ze+hmX0aK9jFkGCUxhYqOc73zuYCpoS+O9iWmSFgrhpfAg6UlsW96wDXDVULNGNEb9p2M8U4cw==
x-bce-request-id: 528f781b-06fa-422a-ba8c-ce9731cab9f9
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 10:53:49 GMT
ohc-cache-hit: nc3ct68 [2], czix232 [2]
ohc-file-size: 47080
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/2006674708_14.jpg
106.225.194.35 200 OK 9.7 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2006674708_14.jpg
IP 106.225.194.35:0
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 14de964e1b49b9dd13901c37973d3bf5
fee149c5b57979a27b32da6c25e250b5b3ee09e9
25d2574f398ee4c1cf09f479aa72984d9e2e8791c772fdc5c572cbd7c418ad90
GET /20210629/2006674708_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/jpeg
content-length: 9709
expires: Mon, 16 Jan 2023 05:39:33 GMT
last-modified: Tue, 29 Jun 2021 21:54:38 GMT
etag: "14de964e1b49b9dd13901c37973d3bf5"
age: 57750
accept-ranges: bytes
content-md5: FN6WThtJud0TkBw3lz079Q==
x-bce-content-crc32: 0
x-bce-debug-id: PVgLxf9W0qtYVNMwvISQiHBVSNifpLKqtL8FcVWf59vIminHVMybhs4Sih+1l2UY6OkE5Q3l9vh+dleu10KwWw==
x-bce-request-id: ec7b402c-65f1-4c39-b93c-3f4785a4ba2c
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 05:39:33 GMT
ohc-cache-hit: nc3ct53 [2], czix238 [2]
ohc-file-size: 9709
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/522732_14.jpg
106.225.194.35 200 OK 33 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/522732_14.jpg
IP 106.225.194.35:0
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash c229a1e71f4dd7f1c9a7c1e99b27e2eb
51a195723426b1f307730b4ab867fc5754b80ace
a14e662014ff83f5a9631862a27d56b12d051491f3c70d86fd8b42dcda6f653b
GET /20210629/522732_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/jpeg
content-length: 32974
expires: Sun, 15 Jan 2023 02:15:56 GMT
last-modified: Thu, 01 Jul 2021 06:40:33 GMT
etag: "c229a1e71f4dd7f1c9a7c1e99b27e2eb"
age: 156300
accept-ranges: bytes
content-md5: wimh5x9N1/HJp8Hpmyfi6w==
x-bce-content-crc32: 0
x-bce-debug-id: J+XCo9Yw4VR7972iJZIftO6xVHYDsmSBsRu+WvGrBOfEBM3SLGoxFELQ2+y/7pXxtVNXJJ7O6A1xjZM7hVuzew==
x-bce-request-id: ae504058-5702-45a3-bf9e-1f6c3884ff3e
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 02:15:56 GMT
ohc-cache-hit: nc3ct50 [2], czix50 [4]
ohc-file-size: 32974
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20220601/3086818421_14_600_429.jpg
106.225.194.35 200 OK 21 kB URL HTTP/2 lupic.cdn.bcebos.com/20220601/3086818421_14_600_429.jpg
IP 106.225.194.35:0
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x429, components 3\012- data
Hash 076becc0d6d00495870a50d2a61dd1d9
3d5996257f7680e018271767b35d2eaae9cbcab9
0b05cab17520ecf2dbadb851a944fbb5396168d918cb20e5bcd07db7670f5704
GET /20220601/3086818421_14_600_429.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/jpeg
content-length: 21105
expires: Sun, 15 Jan 2023 12:51:54 GMT
last-modified: Thu, 02 Jun 2022 03:36:53 GMT
etag: "076becc0d6d00495870a50d2a61dd1d9"
age: 110869
accept-ranges: bytes
content-md5: B2vswNbQBJWHClDSph3R2Q==
x-bce-content-crc32: 1922509067
x-bce-debug-id: IJULy8hA2XxEywJ59M4DFo/hPRE+451G5DyoiPKGSsaBhLmk3h0R6eTs16knp7nlmcVrB/iIBEF744pKJm0IHQ==
x-bce-request-id: 207af164-9d0d-49c6-8d74-73a3cc54eaaf
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 12:51:54 GMT
ohc-cache-hit: nc3ct55 [4], xiangyix141 [2]
ohc-file-size: 21105
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20220722/3087279326_14_314_224.jpg
106.225.194.35 200 OK 9.9 kB URL HTTP/2 lupic.cdn.bcebos.com/20220722/3087279326_14_314_224.jpg
IP 106.225.194.35:0
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 314x224, components 3\012- data
Hash f87cd6adb1b765a8a069461a5a33f3ce
112cd36ab37375259485751230eddd1a5019df7e
4e7ec8140b258fcd1e48b75fbb5c247a1a475ef2fdc8f6214a5e669f90415713
GET /20220722/3087279326_14_314_224.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 21:42:19 GMT
content-type: image/jpeg
content-length: 9881
expires: Sun, 15 Jan 2023 09:51:58 GMT
last-modified: Tue, 26 Jul 2022 03:38:30 GMT
etag: "f87cd6adb1b765a8a069461a5a33f3ce"
age: 125580
accept-ranges: bytes
content-md5: +HzWrbG3ZaigaUYaWjPzzg==
x-bce-content-crc32: 4032575567
x-bce-debug-id: ZdmBl8zDLzHKPrPpHVh5GFMFZsMJemKodNjhJSyuWysItDLwIjFpm8NK81NBHSk18xhQygwiTtau3rvxjY91Tg==
x-bce-request-id: 6579e63b-e9f7-4802-b0ab-56bd8dfdebe2
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 09:51:58 GMT
ohc-cache-hit: nc3ct66 [2], czix234 [2]
ohc-file-size: 9881
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12803.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/windows@34_147488.exe
Cookie: __bid_n=185acc55f91f14ad184207; FPTOKEN=rH+uPfpxCkWVT9p26QqKOwLBt6BKySRn/wNRWNPZC2Ka8rgnCcGNMNgXAmxulc6BfLsZu3JFPdk2ggcSp7n25SWnxAbxeJrif1VMdvhq3YRJiIp0nZlAY2LvWfx6b/HVZaS48jYS4LIcjH0ATnYI52V8yJ8+8qf3/RU253GOWA33m1p8Fs8b0LOsN+LmBtOD4YuS2ntJda/zzAMHS85zrsoqDrgqFCyXkUWJrZ1wGrUUDr93RitgfGGbqIeNmrSaUIH7xbSSPNataTdm+CEc+g3noxk0N5cK4rymy0mYhwTFdiiLLNxUxLxcrKegImbzkMrAwmFhTwhAGq8iuZ7+NKYNANAFO36vs1VR23WQLp4Qk2KB+fT2P6rGcRIk9pqQDSmIsvfyTR98ZBgDTU9hYA==|SBdAfhHzvaGnc1BiyOXeyiRQnNkySqJ/adQue/fSE78=|10|e8f60ad78bdb5fba972bd68df5a8422c; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673646120; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1673646120
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 21:42:20 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.248 200 OK 0 B URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.248:0
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Fri, 13 Jan 2023 20:54:39 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1673643279
via: cache59.l2cn3037[0,0,304-0,H], cache17.l2cn3037[0,0], cache17.l2cn3037[1,0], vcache23.cn4733[0,0,200-0,H], vcache28.cn4733[2,0]
age: 2855
x-cache: HIT TCP_MEM_HIT dirn:11:281726773
x-swift-savetime: Fri, 13 Jan 2023 20:54:41 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c73016736461349593881e
content-encoding: gzip
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1071458562,882838428&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 0 B URL HTTP/1.1 t13.baidu.com/it/u=1071458562,882838428&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /it/u=1071458562,882838428&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 21:42:17 GMT
Content-Type: image/jpeg
Content-Length: 67911
Connection: keep-alive
Expires: Tue, 07 Feb 2023 13:54:42 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e50cf4523607dbb0ec09f247bea76a41
Age: 174742
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 13:54:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], bduncache59 [4], wzix59 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 67911
X-Cache-Status: HIT
Timing-Allow-Origin: *