r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5708
Expires: Thu, 02 Feb 2023 05:37:18 GMT
Date: Thu, 02 Feb 2023 04:02:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Thu, 02 Feb 2023 05:45:55 GMT
Date: Thu, 02 Feb 2023 04:02:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17417
Expires: Thu, 02 Feb 2023 08:52:27 GMT
Date: Thu, 02 Feb 2023 04:02:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 03:36:03 GMT
content-type: application/json
age: 1567
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /ZAnu/n5s1D3LcbJFSL4cNAu47Kj6U7t21K4vYvp4EpkyTzjphQVWHsBzyRMdr9dWdTCuQCSWn8=
x-amz-request-id: S35V0J3VNDTEXDFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 03:51:49 GMT
age: 621
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:02:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 03:49:05 GMT
age: 785
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
200 OK 9.5 kB URL HTTP/1.1 12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1400)
Hash bfb1d2e7069794dbc3631000195257df
9ad3f6932813b8b25da560c7bd70f14111c4a50b
8dcbc60a8f54b062b70ea82e9426c33217404afd2dab8d548c938a8ae8e7d21c
Analyzer Verdict Alert fortinet Malware
GET /down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3939
Expires: Thu, 02 Feb 2023 05:07:49 GMT
Date: Thu, 02 Feb 2023 04:02:10 GMT
Connection: keep-alive
12803.url.tudown.com/template/company/moban/index_files/common20200314.css
200 OK 11 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/common20200314.css
IP
ASN #137951 Clayer Limited
Hash 45e7104994ba9d28a3840e7b57fe10db
8f3fa3c7e86d69b7f7d1d87cb88db05d369084ad
d7d57f9fd8ca7419fd1151643a1a11d1f947e0ce14409758536c5f78feb7a3a7
GET /template/company/moban/index_files/common20200314.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:10 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7511-b757"
Expires: Thu, 02 Feb 2023 16:02:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/js/orsxg5a.script
200 OK 531 B URL HTTP/1.1 12803.url.tudown.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z6gc+xMzwU8Tk4E081jKGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zAHux9sX4lujUG0/DGHBWLSnwt4=
12803.url.tudown.com/template/company/moban/js/push.js
200 OK 281 B URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/push.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /template/company/moban/js/push.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: application/javascript
Content-Length: 281
Last-Modified: Mon, 31 Oct 2022 07:24:37 GMT
Connection: keep-alive
ETag: "635f7835-119"
Expires: Thu, 02 Feb 2023 16:02:11 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/js/hm.js
200 OK 12 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/hm.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1075), with CRLF line terminators
Hash 5edaed7ef425da9212ba1892bd7da753
341e9f19f879261b7c47b3b988fee87aa028da9e
b0d03117ba938b859d9422c740dc2ce315c3d91b78ed6bcdd6e059a1aa0808e5
GET /template/company/moban/js/hm.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:24:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f784a-781d"
Expires: Thu, 02 Feb 2023 16:02:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/js/common200314.js
200 OK 7.9 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/common200314.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (582), with CRLF line terminators
Hash c63394e2ec253720b14b63812f72fdc4
acd72fdd9431629de8334bcf14f2b3eaba8455f7
13eb4601f2369316cae59b5a826dbc359bf7761e503e3f9b2681c8db6db9a68b
GET /template/company/moban/js/common200314.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7885-70d5"
Expires: Thu, 02 Feb 2023 16:02:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/index_files/seo0327.css
200 OK 625 B URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/seo0327.css
IP
ASN #137951 Clayer Limited
Hash 711032f9fe79a8a5ad4e93ef3b5d630a
592e0c0dfa651a9e71376ad3bbbc5cbd192c991c
c97203ea0db06a934f0ebc3c9e2796891215551df15abf9f12f0edf2a076ae5d
GET /template/company/moban/index_files/seo0327.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7515-59b"
Expires: Thu, 02 Feb 2023 16:02:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/js/jquery.js
200 OK 1.4 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/jquery.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash b0e3a6733a542de9809c5d7db72f8040
91b6e610ee2a602873c1e2d0fbea7cfa5370b4f7
3970f3998e97d13c827a4043241bdec5797f55ed3ce12939226e62f63b19d4a7
GET /template/company/moban/js/jquery.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7873-ca4"
Expires: Thu, 02 Feb 2023 16:02:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/js/jquery-1.js
200 OK 38 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/js/jquery-1.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32038), with CRLF line terminators
Hash adbc5e76397fe7c0f17d0c2f86d22aca
d7ae0f7aad6555282106498db4573df817d1ea11
6e1a6d6592d35652998b135ec2dde01b5326006bf3199a633b2bbd768725a7e6
GET /template/company/moban/js/jquery-1.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f785f-176d8"
Expires: Thu, 02 Feb 2023 16:02:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 24aa4f58ac7938c13bb7fd5606cc464d
2b0bd78ed2ce50667a3962a568fa5d2e3d770954
0e4f0be86bf60d6bca4d77be71f5f2a3537a0eae77054492f310ffb12b858071
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4F0BE86BF60D6BCA4D77BE71F5F2A3537A0EAE77054492F310FFB12B858071"
Last-Modified: Mon, 30 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15535
Expires: Thu, 02 Feb 2023 08:21:06 GMT
Date: Thu, 02 Feb 2023 04:02:11 GMT
Connection: keep-alive
12803.url.tudown.com/template/company/moban/index_files/yyh.png
200 OK 3.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/yyh.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ff16370de7effacbc2dad368909f4ce9
6797aa73900e37841cd8f26d20afbbce76ed2bd4
18d1ff6e85efd537b99aae82df385b44b02f9699df6ee5d4295069034fdfd4f0
GET /template/company/moban/index_files/yyh.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/png
Content-Length: 3307
Last-Modified: Mon, 31 Oct 2022 07:11:41 GMT
Connection: keep-alive
ETag: "635f752d-ceb"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 8e9ffa32d38d85d47ce85365e7c82d26
89c5f51e0a6b585546c56bc00ea8a2ef9f0d5ff7
95d0b251d87d0e758664cb4f865fdcf2141d48dbf50a7a742d3b91fa9b2c9c7e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 03:16:26 GMT
ETag: "89c5f51e0a6b585546c56bc00ea8a2ef9f0d5ff7"
Last-Modified: Thu, 02 Feb 2023 03:16:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 282
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793007a87f80b523-OSL
12803.url.tudown.com/template/company/moban/index_files/logo2.png
200 OK 5.7 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/logo2.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 172 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c00109aa99d34615f91984307d2d4de
3bde4746cc37110bccb5766f077002da9c251582
80b083f9300489095112b79c8af03547db4eaede2ba43ff6ac4b828e2428fc9d
GET /template/company/moban/index_files/logo2.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/png
Content-Length: 5697
Last-Modified: Mon, 31 Oct 2022 07:11:36 GMT
Connection: keep-alive
ETag: "635f7528-1641"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/index_files/close_black.png
200 OK 9.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/close_black.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 840 x 832, 8-bit/color RGBA, non-interlaced\012- data
Hash 61258db0845df63b5aef5e137b425ba7
00be51fff891b55e1b0e0ed5972b9c0c12b182b5
f65333f53a9c02d89ba24e8679788371f8076f5be618a44cddfa314cb14521e1
GET /template/company/moban/index_files/close_black.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/png
Content-Length: 9098
Last-Modified: Mon, 31 Oct 2022 07:11:30 GMT
Connection: keep-alive
ETag: "635f7522-238a"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/index_files/searchbox_action.png
200 OK 6.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/searchbox_action.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 60 x 60, 16-bit/color RGBA, non-interlaced\012- data
Hash 99e950348c1a490f8fe53e5c5b1b32a6
6f79160d4f4161f19ab2058d2480f156dd5ee408
d11a69c15618f1ed03351f4b41fb7bbdbcc6b4743a44c2dad6127eb5f7b45b06
GET /template/company/moban/index_files/searchbox_action.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/png
Content-Length: 6235
Last-Modified: Mon, 31 Oct 2022 07:11:37 GMT
Connection: keep-alive
ETag: "635f7529-185b"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/322467.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/322467.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/322467.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3291717560,911863385&fm=253&fmt=auto&app=138&f=JPEG?w=503&h=500
12803.url.tudown.com/uploads/images/478446.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/478446.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/478446.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1100296576,909913639&fm=224&app=112&f=JPEG?w=500&h=459
12803.url.tudown.com/uploads/images/821426.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/821426.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/821426.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c3cc02f5c7bc1ef778e8c5f6b23f2032
9787e7675aa9c1b73b97a80dfd098b926cfe8438
4370dc238ccfbf4f5cc17f00fefdd7df2ce0e0af1c996b6a96d0f2cc8284b85e
GET /it/u=2162655386,1343717650&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpeg
Content-Length: 47245
Connection: keep-alive
Expires: Fri, 10 Feb 2023 09:33:21 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: c3cc02f5c7bc1ef778e8c5f6b23f2032
Age: 1843715
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 09:33:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache51 [4], bdix106 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47245
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/template/company/moban/index_files/icon_03.png
200 OK 3.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/icon_03.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 26cf006988edd9c4eb048a12f20d8f12
f5875a0dfadf0b2d7ba040de986d3e92ec4f2992
87510ec460049035d8d4bdd190024b2f297df37e1fd36f5eb122cc12737cbc23
GET /template/company/moban/index_files/icon_03.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/png
Content-Length: 3164
Last-Modified: Mon, 31 Oct 2022 07:11:32 GMT
Connection: keep-alive
ETag: "635f7524-c5c"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/images/icon_01.png
200 OK 9.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/images/icon_01.png
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1376)
Hash d1088630f53b5fa6f0bdf6d70e7feb91
099da9a71f4371955df5ff6fdb3af1c63239dba9
1fff4535159d1a4cfc8f225b540e28b66bc9d220388449cfddd6580b7fa9afcb
GET /template/company/moban/images/icon_01.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/moban/images/icon_06.png
200 OK 9.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/images/icon_06.png
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1418)
Hash 2bd12a9e98f5bce9ffa46236712e0431
86835dee213aa58bd99db82f90dcee5506b13c11
21b0580c33afa7fec523db0c490d8132364a9de97f1c9b57de8a4f3f50a747bb
GET /template/company/moban/images/icon_06.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
t14.baidu.com/it/u=1100296576,909913639&fm=224&app=112&f=JPEG?w=500&h=459
200 OK 26 kB URL HTTP/1.1 t14.baidu.com/it/u=1100296576,909913639&fm=224&app=112&f=JPEG?w=500&h=459
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x459, components 3\012- data
Hash 183dbe8088b250ba9a5f7f3181069838
faf1396ff08653efc188cb09226d0130cfbcd809
6ecf8ebd78cce03c62bc6fe20b5da64456f8eaaea687b15ee9f5e0792011ae67
GET /it/u=1100296576,909913639&fm=224&app=112&f=JPEG?w=500&h=459 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpeg
Content-Length: 25868
Connection: keep-alive
Expires: Sat, 04 Feb 2023 16:29:28 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 183dbe8088b250ba9a5f7f3181069838
Age: 1836174
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 16:29:28 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache59 [2], bdix175 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 25868
X-Cache-Status: HIT
12803.url.tudown.com/template/company/moban/index_files/icon_04.png
200 OK 3.0 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/icon_04.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cfb3c0eccae9226e14ecc2f1642b6f35
b2b6497c7b8441cf2562ec555ed6a5465aacd8d9
44058ef0ee0a2252592665923108686538ac74c78ef05131fb47b455d562965d
GET /template/company/moban/index_files/icon_04.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/png
Content-Length: 3044
Last-Modified: Mon, 31 Oct 2022 07:11:34 GMT
Connection: keep-alive
ETag: "635f7526-be4"
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 02 Feb 2023 04:02:12 GMT
Etag: "4078521116"
Expires: Fri, 02 Feb 2024 04:02:12 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=38999B5DCCD46060846A784B116A2548:FG=1; max-age=31536000; expires=Fri, 02-Feb-24 04:02:12 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12803.url.tudown.com/uploads/images/213028.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/213028.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/213028.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=70958492,888692190&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800
12803.url.tudown.com/uploads/images/890363.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/890363.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/890363.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=566118303,4044877346&fm=253&app=120&f=JPEG?w=1280&h=800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16452
Expires: Thu, 02 Feb 2023 08:36:24 GMT
Date: Thu, 02 Feb 2023 04:02:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16452
Expires: Thu, 02 Feb 2023 08:36:24 GMT
Date: Thu, 02 Feb 2023 04:02:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16452
Expires: Thu, 02 Feb 2023 08:36:24 GMT
Date: Thu, 02 Feb 2023 04:02:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16452
Expires: Thu, 02 Feb 2023 08:36:24 GMT
Date: Thu, 02 Feb 2023 04:02:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f4dbd75e0cdc28265ccbe825c5c5b6c
78187b014be0ee8bf7543fb873915db8a9c8dbc4
bf49642b990d73f58ca5f9ee979271ba2ab80bae94c8f333fa5737b16016d1c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7036
x-amzn-requestid: 9d54dd82-add1-4d7d-97b7-53c92eecb724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJxCHAqoAMF3qA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcd3-109d34d11a9834886e3080ee;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U45NW79hI4Vtd7fV7kXnxqlxRQzC-u9PVlNK4D1pBkAa8CBYuUf9ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:06:05 GMT
age: 75367
etag: "78187b014be0ee8bf7543fb873915db8a9c8dbc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tO6GOuwj9So6Itm9ug-EQgF5iJ3NPidhS8OY4LpBvq0XftWTqGcOHA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:16 GMT
age: 21896
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0ca0ccee69fbee57aac373f94120bb4
5d6309502ffd0c33f6199d46f0d14d0a22e3c752
bed9d4689ff57fa636ee08dab3eef3cdf6c4e0a7103e5185151afe8ddfb755f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11552
x-amzn-requestid: 611f63cb-f058-493b-ac86-7e268b866fd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTvG9VIAMFgPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc17-78de7563537b111924100346;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lHLm3IkJRn59US_8SXKXQnNDUiCLIWnQ7QN-DWB3jkot9Ub3b6FUgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:11 GMT
age: 21661
etag: "5d6309502ffd0c33f6199d46f0d14d0a22e3c752"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 02:29:58 GMT
age: 5534
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 20597
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: a266acae-8f1e-4cd7-b93b-e40aa5393521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUpGcmoAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1d-1fbae7785fccc58f71c1b3e9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PevXZz9rkBo3Cy6EooCVOpSoHyeKHMoYFjKRrvDld34WFWXzOmpANQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:11:31 GMT
age: 21041
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1303139904&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=39351&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E8%258E%25B2%25E8%258A%25B1ic%25E8%25AF%25BB%25E5%258D%25A1%25E5%2599%25A8pc%25E6%25B5%258B%25E8%25AF%2595%25E5%25B7%25A5%25E5%2585%25B7%2520v2.0%2520%25E5%2585%258D%25E8%25B4%25B9%25E7%25BB%25BF%25E8%2589%25B2%25E7%2589%2588%40156_331519.exe&tt=yabo%E4%BA%9A%E5%8D%9A%E5%85%A8%E7%AB%99%E5%AE%98%E7%BD%91-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1303139904&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=39351&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E8%258E%25B2%25E8%258A%25B1ic%25E8%25AF%25BB%25E5%258D%25A1%25E5%2599%25A8pc%25E6%25B5%258B%25E8%25AF%2595%25E5%25B7%25A5%25E5%2585%25B7%2520v2.0%2520%25E5%2585%258D%25E8%25B4%25B9%25E7%25BB%25BF%25E8%2589%25B2%25E7%2589%2588%40156_331519.exe&tt=yabo%E4%BA%9A%E5%8D%9A%E5%85%A8%E7%AB%99%E5%AE%98%E7%BD%91-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1303139904&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=39351&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E8%258E%25B2%25E8%258A%25B1ic%25E8%25AF%25BB%25E5%258D%25A1%25E5%2599%25A8pc%25E6%25B5%258B%25E8%25AF%2595%25E5%25B7%25A5%25E5%2585%25B7%2520v2.0%2520%25E5%2585%258D%25E8%25B4%25B9%25E7%25BB%25BF%25E8%2589%25B2%25E7%2589%2588%40156_331519.exe&tt=yabo%E4%BA%9A%E5%8D%9A%E5%85%A8%E7%AB%99%E5%AE%98%E7%BD%91-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Feb 2023 04:02:12 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1582673DD0A78676; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12803.url.tudown.com/uploads/images/911420.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/911420.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/911420.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=78065380,2722179932&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=357
12803.url.tudown.com/uploads/images/181668.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/181668.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/181668.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/346743.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/346743.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/346743.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500
12803.url.tudown.com/uploads/images/821019.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/821019.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/821019.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/228475.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/228475.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/228475.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1787926149,2806024806&fm=253&fmt=auto&app=138&f=PNG?w=888&h=500
12803.url.tudown.com/uploads/images/930468.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/930468.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/930468.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3905197881,179839652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
12803.url.tudown.com/uploads/images/340130.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/340130.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/340130.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2469901256,3578058512&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/733857.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/733857.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/733857.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2227173494,491648514&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/145697.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/145697.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/145697.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1734358120,1158574489&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/209577.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/209577.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209577.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3357285955,1631089510&fm=253&app=120&f=JPEG?w=1422&h=800
12803.url.tudown.com/uploads/images/122634.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/122634.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/122634.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1637806772,4169990524&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
12803.url.tudown.com/uploads/images/560102.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/560102.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/560102.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3929678588,835781884&fm=253&app=120&f=JPEG?w=800&h=1280
t15.baidu.com/it/u=1734358120,1158574489&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 29 kB URL HTTP/1.1 t15.baidu.com/it/u=1734358120,1158574489&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 446aed218475fdea443b81aac9965f53
e735e5b138cbc2f3b5cf639a01d8666a732d8cfa
ce2da7e9c11b056b143127872f700426744c0b8b2e7db2f145940a5891e83d97
GET /it/u=1734358120,1158574489&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpeg
Content-Length: 28712
Connection: keep-alive
Expires: Mon, 06 Feb 2023 06:17:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 446aed218475fdea443b81aac9965f53
Age: 1838272
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 06:17:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [2], suzix153 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28712
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=2227173494,491648514&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 53 kB URL HTTP/1.1 t14.baidu.com/it/u=2227173494,491648514&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 72605d930c4e1b01d4702c87fdfbc72a
7986eacfcf4bbe25b0083bf82056e9f8383ceec7
d2b587d43b0e4c2a5eb34e27df3b8631562cff3490140b35e1abfce216b4838f
GET /it/u=2227173494,491648514&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpeg
Content-Length: 52892
Connection: keep-alive
Expires: Tue, 07 Feb 2023 13:33:04 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 72605d930c4e1b01d4702c87fdfbc72a
Age: 2125748
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 13:33:04 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache50 [1], qdix97 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52892
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/862470.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/862470.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/862470.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/315391.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/315391.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/315391.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1605354595,4022503807&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
12803.url.tudown.com/uploads/images/643026.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/643026.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/643026.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1771475930,3993758744&fm=253&app=120&f=JPEG?w=1422&h=800
img2.baidu.com/it/u=566118303,4044877346&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 57 kB URL HTTP/1.1 img2.baidu.com/it/u=566118303,4044877346&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash edf2e1ad64bc7704a514c521479aea62
1f5bd8094da753633cb7a117c8275a99c062e7db
b80011d167d10d26b520cf593523f9505c45176c9df7389cc066a78e44601fac
GET /it/u=566118303,4044877346&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:12 GMT
Content-Type: image/jpeg
Content-Length: 57060
Connection: keep-alive
Expires: Mon, 13 Feb 2023 17:19:14 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: edf2e1ad64bc7704a514c521479aea62
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 17:19:14 GMT
Ohc-Cache-HIT: dy2ct106 [1], suzix106 [4]
Ohc-File-Size: 57060
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/33038.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/33038.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/33038.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3165041318,1431804873&fm=253&fmt=auto&app=138&f=GIF?w=379&h=500
12803.url.tudown.com/uploads/images/631164.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/631164.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/631164.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3489587856,3080030420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659
12803.url.tudown.com/uploads/images/107938.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/107938.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/107938.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1435572426,820340724&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=3291717560,911863385&fm=253&fmt=auto&app=138&f=JPEG?w=503&h=500
200 OK 34 kB URL HTTP/2 img2.baidu.com/it/u=3291717560,911863385&fm=253&fmt=auto&app=138&f=JPEG?w=503&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 503x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 474d9d47f5cace21072ad547f9bf07f8
1941f5c7edf6472233d58be244abf06aa8b5c8df
f142ed78643c4fd646d4bfb8d6c66a25d9b5740fcd094963d67330b6a2551f78
GET /it/u=3291717560,911863385&fm=253&fmt=auto&app=138&f=JPEG?w=503&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:12 GMT
content-type: image/webp
content-length: 34530
expires: Mon, 27 Feb 2023 00:36:19 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 474d9d47f5cace21072ad547f9bf07f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 00:36:19 GMT
ohc-cache-hit: dy2ct109 [1], xiangyix109 [2]
ohc-file-size: 34530
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3905197881,179839652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
200 OK 23 kB URL HTTP/2 img2.baidu.com/it/u=3905197881,179839652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f6a6be04b6544f02b1009db17f840f17
1a862b4fb61fdf5a7b3ba44316825f0788e17eb0
1e7161c88c3eb2ef0d18b91217105061c462682fc74b94407b152fdb16b8d315
GET /it/u=3905197881,179839652&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:12 GMT
content-type: image/webp
content-length: 22740
expires: Wed, 22 Feb 2023 04:47:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f6a6be04b6544f02b1009db17f840f17
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 04:47:23 GMT
ohc-cache-hit: dy2ct61 [1], qdix61 [4]
ohc-file-size: 22740
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 54 kB URL HTTP/1.1 t14.baidu.com/it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash eabfe3c7f9aae8669a0c5a1c7edbe656
dfc586e81a6cb2a217b1890c5356c4306c7a336c
54738ce67a23451a1af52c2c098ab0539256fa3a72a6d41d3ccb3b90f8c645ec
GET /it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 54331
Connection: keep-alive
Expires: Tue, 07 Feb 2023 04:29:05 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: eabfe3c7f9aae8669a0c5a1c7edbe656
Age: 1838863
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 04:29:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache59 [1], xiangyix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 54331
X-Cache-Status: HIT
Timing-Allow-Origin: *
api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 02 Feb 2023 04:02:13 GMT
img2.baidu.com/it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500
200 OK 66 kB URL HTTP/1.1 img2.baidu.com/it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash bde4e9459c14d9722389b1540490579c
5078f6cd2fb395dace777c0e27dfd56ec1e8eed0
0d6619256155968834d70bdc486fdec7aacb274da23296f3245cc7251720fadd
GET /it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 66169
Connection: keep-alive
Expires: Thu, 23 Feb 2023 10:57:48 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bde4e9459c14d9722389b1540490579c
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 10:57:48 GMT
Ohc-Cache-HIT: dy2ct77 [1], wzix77 [4]
Ohc-File-Size: 66169
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/146506.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/146506.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/146506.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3872727475,2067535217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/204676.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/204676.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/204676.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2943405543,1419410761&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/271929.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/271929.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/271929.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1261401628,3354072970&fm=253&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/881653.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/881653.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/881653.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2480363511,1866421033&fm=224&app=112&f=JPEG?w=500&h=460
12803.url.tudown.com/uploads/images/541124.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/541124.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/541124.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363
img2.baidu.com/it/u=70958492,888692190&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800
200 OK 55 kB URL HTTP/2 img2.baidu.com/it/u=70958492,888692190&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 24b5551477bab7e04167c3e315bff0e8
ebf89a7206c414a21dd7b97447e56ed42f13eccb
68db7e8acd9140c73762b27e48087eed47741660c4aaa9615510b635f1fd93ec
GET /it/u=70958492,888692190&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:12 GMT
content-type: image/webp
content-length: 54790
expires: Sat, 18 Feb 2023 03:39:53 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 24b5551477bab7e04167c3e315bff0e8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 03:39:53 GMT
ohc-cache-hit: dy2ct103 [1], bdix103 [4]
ohc-file-size: 54790
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/465012.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/465012.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/465012.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
img0.baidu.com/it/u=3357285955,1631089510&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 81 kB URL HTTP/1.1 img0.baidu.com/it/u=3357285955,1631089510&fm=253&app=120&f=JPEG?w=1422&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash 89352d2d9bc85441585532da225afe79
c73947cf7abc6679471360c24fd0f042f56b76fd
83236701880d6ef951626a265831cacc26ca015d3216b439bfe9935f808798fa
GET /it/u=3357285955,1631089510&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 80731
Connection: keep-alive
Expires: Sun, 12 Feb 2023 20:09:27 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 89352d2d9bc85441585532da225afe79
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 20:09:27 GMT
Ohc-Cache-HIT: yy2ct60 [1], xiangyix88 [2]
Ohc-File-Size: 80731
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/431641.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/431641.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/431641.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=650566612,3704798333&fm=253&fmt=auto?w=92&h=69
img2.baidu.com/it/u=3929678588,835781884&fm=253&app=120&f=JPEG?w=800&h=1280
200 OK 98 kB URL HTTP/1.1 img2.baidu.com/it/u=3929678588,835781884&fm=253&app=120&f=JPEG?w=800&h=1280
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1280, components 3\012- data
Hash 1f528440999cf406954fa83295be3ebc
823d3cc0f4142fddc587030f73893875311dc39e
4954bb85809227e2211aab165d0f393e63203f82ac1bd4e0581967087cea3cdd
GET /it/u=3929678588,835781884&fm=253&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 97540
Connection: keep-alive
Expires: Tue, 07 Feb 2023 04:24:30 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 1f528440999cf406954fa83295be3ebc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 04:24:30 GMT
Ohc-Cache-HIT: dy2ct96 [1], xaix161 [2]
Ohc-File-Size: 97540
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/13961.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/13961.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/13961.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=583910188,2986410763&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
12803.url.tudown.com/uploads/images/908966.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/908966.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/908966.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=271920530,2360247110&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/356522.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/356522.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/356522.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1993835564,157521125&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=720
img0.baidu.com/it/u=1637806772,4169990524&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
200 OK 46 kB URL HTTP/2 img0.baidu.com/it/u=1637806772,4169990524&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x702, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 773222a186b2dd6275b083ea6686528d
e4a0ca134e5f0d301aac930202c4414b81b39418
6019b495744a2a25653ffe5e6d4653de961917f4c61fceb212006ff61ac1151d
GET /it/u=1637806772,4169990524&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 45734
expires: Tue, 14 Feb 2023 02:29:57 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 773222a186b2dd6275b083ea6686528d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 02:29:57 GMT
ohc-cache-hit: dy2ct64 [1], wzix64 [4]
ohc-file-size: 45734
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1787926149,2806024806&fm=253&fmt=auto&app=138&f=PNG?w=888&h=500
200 OK 80 kB URL HTTP/2 img1.baidu.com/it/u=1787926149,2806024806&fm=253&fmt=auto&app=138&f=PNG?w=888&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 888x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c35c82516bc2cfce75d443710593d167
ab81c4f5f87a569450114d45546e3193f63ccd8c
eee043bcca65a513ef0c4cc3fc7c01ebf7c114c9a357432fef1b0443c64e28c2
GET /it/u=1787926149,2806024806&fm=253&fmt=auto&app=138&f=PNG?w=888&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 79766
expires: Sun, 05 Feb 2023 01:22:15 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c35c82516bc2cfce75d443710593d167
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 01:22:15 GMT
ohc-cache-hit: dy2ct60 [1], wzix60 [4]
ohc-file-size: 79766
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/465168.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/465168.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/465168.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2854349026,3022620648&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img1.baidu.com/it/u=1605354595,4022503807&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=1605354595,4022503807&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5a4a2c0ee2a9ea0f3e3b30618f514db
b0831d5e91ddef10f406282940ea73332726e7e9
027239451734195b0414a5b9400cd5e1d0fef2b364e54492e377aee8c16f6682
GET /it/u=1605354595,4022503807&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 11114
expires: Sun, 19 Feb 2023 06:06:20 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: c5a4a2c0ee2a9ea0f3e3b30618f514db
age: 173322
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 06:06:20 GMT
ohc-cache-hit: dy2ct60 [4], suzix60 [2]
ohc-file-size: 11114
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3165041318,1431804873&fm=253&fmt=auto&app=138&f=GIF?w=379&h=500
200 OK 44 kB URL HTTP/2 img1.baidu.com/it/u=3165041318,1431804873&fm=253&fmt=auto&app=138&f=GIF?w=379&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 379 x 500\012- data
Hash 3908e1920dfc2e562c4f4db0cf5e5058
a7c952b2cec7b9300969902fbac5a1874ee2d61b
7fa321139897516ecea7c50498b1f22a26d2effc25932d34cecf0ee0c7653f70
GET /it/u=3165041318,1431804873&fm=253&fmt=auto&app=138&f=GIF?w=379&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/gif
content-length: 43453
expires: Mon, 20 Feb 2023 13:30:20 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 3908e1920dfc2e562c4f4db0cf5e5058
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:30:20 GMT
ohc-cache-hit: dy2ct85 [1], wzix85 [2]
ohc-file-size: 43453
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/250663.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/250663.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/250663.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2227940918,421168926&fm=253&app=120&f=JPEG?w=1280&h=800
img0.baidu.com/it/u=1435572426,820340724&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 86 kB URL HTTP/1.1 img0.baidu.com/it/u=1435572426,820340724&fm=253&app=120&f=JPEG?w=1280&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 5443bbaefe41e8afec5a2a7f6efef2eb
3a97ba4a49fb523e0182092d9968f69073e0d683
777f053ec669c89c63cee737544cd0bcda6a7e5baa9a1e69ddd199f51857a393
GET /it/u=1435572426,820340724&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 86483
Connection: keep-alive
Expires: Sat, 18 Feb 2023 07:58:11 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5443bbaefe41e8afec5a2a7f6efef2eb
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 07:58:11 GMT
Ohc-Cache-HIT: yy2ct54 [1], qdix223 [4]
Ohc-File-Size: 86483
X-Cache-Status: MISS
img0.baidu.com/it/u=2469901256,3578058512&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 148 kB URL HTTP/1.1 img0.baidu.com/it/u=2469901256,3578058512&fm=253&app=120&f=JPEG?w=1280&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 148 kB (148385 bytes)
Hash 2b8b7740e907dc689ace72d2d062a321
bbd79aaf27c29899b431d93b83e2cab658ce8017
55c08c7e6dd042680fcc5302817cee2401c585a0ddf118d23fd5d0bfdb75a220
GET /it/u=2469901256,3578058512&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 148385
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:13:48 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 2b8b7740e907dc689ace72d2d062a321
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 03:13:48 GMT
Ohc-Cache-HIT: yy2ct73 [2], qdix164 [2]
Ohc-File-Size: 148385
X-Cache-Status: MISS
img2.baidu.com/it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 191 kB URL HTTP/1.1 img2.baidu.com/it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 191 kB (191343 bytes)
Hash c1407539f4deec627fe1b20b1a97a897
f75951efb58f82b506b219ddbb9640cb0c0609d6
8e88b8612972145fbdcbd57329f8f80626c50b82237b6991262560af07fe66d8
GET /it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 191343
Connection: keep-alive
Expires: Tue, 28 Feb 2023 16:45:46 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: c1407539f4deec627fe1b20b1a97a897
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 16:45:46 GMT
Ohc-Cache-HIT: dy2ct66 [2], wzix66 [2]
Ohc-File-Size: 191343
X-Cache-Status: MISS
t15.baidu.com/it/u=2480363511,1866421033&fm=224&app=112&f=JPEG?w=500&h=460
200 OK 24 kB URL HTTP/1.1 t15.baidu.com/it/u=2480363511,1866421033&fm=224&app=112&f=JPEG?w=500&h=460
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x460, components 3\012- data
Hash d62e493617e18bd1e55cde269abfdd18
a0cece41e0ac7d30c1a7029a8629a226aef22f2c
f1c4fb4e87c3a354269848183100ff1dcdda73fd2f1fcd70d414a8671b87bab1
GET /it/u=2480363511,1866421033&fm=224&app=112&f=JPEG?w=500&h=460 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: image/jpeg
Content-Length: 24022
Connection: keep-alive
Expires: Sat, 04 Mar 2023 04:02:14 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: d62e493617e18bd1e55cde269abfdd18
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 04:02:13 GMT
Ohc-Upstream-Trace: 180.97.33.13; 124.237.212.157; 58.20.204.51
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache51 [1], bdix157 [4]
Ohc-Response-Time: 1 0 0 0 496 496
Ohc-File-Size: 24022
X-Cache-Status: MISS
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/768557.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/768557.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/768557.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=453140522,3409094268&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
12803.url.tudown.com/template/company/moban/index_files/chakan.png
200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/chakan.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash acb0ada0040b83568aac894905d88cca
90c3924ecf672018cdc013d30716966b196ccbda
0511b79ede1d0228f1ecd14d917e26e8613a7e7b99f31b7bc66fae4285bdd4d6
GET /template/company/moban/index_files/chakan.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: image/png
Content-Length: 1469
Last-Modified: Mon, 31 Oct 2022 07:11:28 GMT
Connection: keep-alive
ETag: "635f7520-5bd"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/moban/index_files/shoucang.png
200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/shoucang.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 112dd72135aceaef7b25583061398368
73d3f2825122e66564122f1d8e87065b71c9ac33
5f5dc0b4419a3e37547d82c55b1332b6c421d382067cf542dadb3c65a4fa066f
GET /template/company/moban/index_files/shoucang.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: image/png
Content-Length: 1456
Last-Modified: Mon, 31 Oct 2022 07:11:39 GMT
Connection: keep-alive
ETag: "635f752b-5b0"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/249918.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/249918.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/249918.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3362560647,3704611622&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499
img0.baidu.com/it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500
200 OK 104 kB URL HTTP/2 img0.baidu.com/it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 104 kB (103664 bytes)
Hash c96e446397b96dbf6f2cf0781467eca8
722a07eb621632b701ca50d7394ae103d0eda730
bd3b6507dab0a08aae3f610089a1d29cde982fc59b746998d5cf2a8d8377911f
GET /it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 103664
expires: Mon, 20 Feb 2023 16:30:24 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c96e446397b96dbf6f2cf0781467eca8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 16:30:24 GMT
ohc-cache-hit: dy2ct98 [1], czix125 [2]
ohc-file-size: 103664
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3489587856,3080030420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659
200 OK 15 kB URL HTTP/2 img0.baidu.com/it/u=3489587856,3080030420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x659, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7399917de200e911504894bc966edd6b
8e5e6552ea90712724d79603662c69a820e8818e
e5fa5981fbcd28b8cf0e34bb7c6b2776a18ff8a10f754d58563c46df15f170c0
GET /it/u=3489587856,3080030420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 15282
expires: Fri, 24 Feb 2023 03:33:58 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 7399917de200e911504894bc966edd6b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 03:33:58 GMT
ohc-cache-hit: dy2ct57 [1], wzix57 [4]
ohc-file-size: 15282
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2943405543,1419410761&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 53 kB URL HTTP/2 img0.baidu.com/it/u=2943405543,1419410761&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31e53bae5e703c403969072a82142809
3f30b5a326c8d56a06b01757e25784a6c96032a5
eda99203cad8a418800aaa53e1fa5353a91a7dfa93474d8ec4a6f2c5275f5684
GET /it/u=2943405543,1419410761&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 53406
expires: Tue, 14 Feb 2023 07:08:45 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 31e53bae5e703c403969072a82142809
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 07:08:45 GMT
ohc-cache-hit: dy2ct64 [1], bdix217 [4]
ohc-file-size: 53406
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3872727475,2067535217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 48 kB URL HTTP/2 img1.baidu.com/it/u=3872727475,2067535217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6c00ac13fc5d1baa852461bb9dad09a5
2e31ce168cb2c246a4148a50f045b742a700e434
8986ccfab7c559b428afc3c068dd30f3453c846d8c1a0365ab367be19926c8b8
GET /it/u=3872727475,2067535217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 48294
expires: Mon, 20 Feb 2023 06:00:17 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6c00ac13fc5d1baa852461bb9dad09a5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:00:17 GMT
ohc-cache-hit: dy2ct90 [1], bdix242 [4]
ohc-file-size: 48294
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
200 OK 48 kB URL HTTP/2 img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 412x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca65831f2e4a7d54459733e55bd88794
7f5a4b96571eefe84ca624a9d8a9f58f9f35f59c
fd7929e4f39a371c6f6e9ed22149256d036829ef24b71717bff529f26447d30c
GET /it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 48522
expires: Mon, 20 Feb 2023 07:12:07 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ca65831f2e4a7d54459733e55bd88794
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:12:07 GMT
ohc-cache-hit: dy2ct96 [1], suzix206 [2]
ohc-file-size: 48522
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363
200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x363, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0e6a691238ddf46616d2424e1f12d3a
351ce7905a4cfcc6801d1d474ef1449efe0dd5b2
3602300fa029632babaa65291b3267b4b2fc6dc69279ebfa39aac7556917a193
GET /it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:13 GMT
content-type: image/webp
content-length: 24480
expires: Mon, 20 Feb 2023 04:30:56 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c0e6a691238ddf46616d2424e1f12d3a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:30:56 GMT
ohc-cache-hit: dy2ct60 [1], xiangyix60 [4]
ohc-file-size: 24480
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=650566612,3704798333&fm=253&fmt=auto?w=92&h=69
200 OK 2.4 kB URL HTTP/2 img2.baidu.com/it/u=650566612,3704798333&fm=253&fmt=auto?w=92&h=69
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fc332cf6f7cd0ffa0a806237a321648
ee4a117d0d4e81b712fbea344c20c965d2189051
39304c76c58624fd57e1eed90d99c8f1edb13bad1c9819cbd4bb9c31083e303a
GET /it/u=650566612,3704798333&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 2432
expires: Sun, 26 Feb 2023 04:35:23 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 8fc332cf6f7cd0ffa0a806237a321648
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 04:35:23 GMT
ohc-cache-hit: dy2ct76 [1], bdix76 [4]
ohc-file-size: 2432
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=271920530,2360247110&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=271920530,2360247110&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c87f96da2d4e114eb8b2ca11d8c6462
ce0dbb16130c0b1b7883c25daa887428c0004b0b
e18811035811e1f2fb7f7e18b212024f85b5d8fe895b6719ae30d4d6b8564d43
GET /it/u=271920530,2360247110&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 47726
expires: Mon, 20 Feb 2023 08:53:03 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 4c87f96da2d4e114eb8b2ca11d8c6462
age: 465906
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 08:53:03 GMT
ohc-cache-hit: dy2ct93 [4], bdix93 [4]
ohc-file-size: 47726
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=583910188,2986410763&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=583910188,2986410763&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0423171402cc577eedcb7b6f105312ab
c52923c6b0cfbb3a9297ad0a3cf2e681b9350702
551d11563855e399b487f73976df0d1687591fa94a41d4d1950075d722ac2dee
GET /it/u=583910188,2986410763&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 15088
expires: Sat, 18 Feb 2023 02:34:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0423171402cc577eedcb7b6f105312ab
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 02:34:58 GMT
ohc-cache-hit: dy2ct109 [1], suzix109 [2]
ohc-file-size: 15088
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1771475930,3993758744&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 99 kB URL HTTP/1.1 img1.baidu.com/it/u=1771475930,3993758744&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash 345f704a0608fca2f4c8d21402a2f69f
b24cb3abfc62a0dfee32e0e29d299c034c735cde
38603f6acf3530f3381e110dc49471591ce9d6f2dc6ce695a42c3ac494393020
GET /it/u=1771475930,3993758744&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 98774
Connection: keep-alive
Expires: Mon, 06 Feb 2023 17:25:04 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 345f704a0608fca2f4c8d21402a2f69f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 17:25:04 GMT
Ohc-Cache-HIT: lf6ct79 [1], xaix137 [4]
Ohc-File-Size: 98774
X-Cache-Status: MISS
12803.url.tudown.com/template/company/moban/images/footer_line.png
200 OK 9.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/images/footer_line.png
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1396)
Hash 4d4cd83a16c6d32088e17120ca2a5a4a
b87c2fc467b4d3771beb77d76b68c07f4be26c46
6e789eba7402e9b5f775bd351111d2e59be331ad8e36c66a4b4c76b17b5ec21e
GET /template/company/moban/images/footer_line.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img2.baidu.com/it/u=2854349026,3022620648&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
200 OK 44 kB URL HTTP/2 img2.baidu.com/it/u=2854349026,3022620648&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ceb1433f2a58d94e50750b835af280fa
d31e78c6cd9556f910030cd111ee9a3c1749119d
1ba8e7cfb554534f1cb8c6260d2efa509bebcbd67db34e86e8ba70a1e15e1122
GET /it/u=2854349026,3022620648&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 43924
expires: Mon, 20 Feb 2023 10:49:28 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: ceb1433f2a58d94e50750b835af280fa
age: 167326
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 10:49:28 GMT
ohc-cache-hit: dy2ct63 [4], suzix63 [4]
ohc-file-size: 43924
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1993835564,157521125&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=720
200 OK 7.3 kB URL HTTP/2 img0.baidu.com/it/u=1993835564,157521125&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=720
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5cfb30c38e0013e111d6dccfb1f7f4d
ab53dd1d145c347347521a625ddee176665cfdbe
4c3f96b536a62309555de828dc009118c9a3cd4c9c2822dc8dfc15b80fad9c35
GET /it/u=1993835564,157521125&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=720 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 7252
expires: Tue, 21 Feb 2023 13:52:19 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d5cfb30c38e0013e111d6dccfb1f7f4d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 13:52:19 GMT
ohc-cache-hit: dy2ct108 [1], bdix108 [4]
ohc-file-size: 7252
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3362560647,3704611622&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499
200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=3362560647,3704611622&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 353x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b1d9f70950fca5bbe8a59e8268bbbf8
16aa6942256d8229a0f6ef95e6e68e603df4022d
0573bca483212a976bc0c27c425481ab2933e1d7fc2712bccd47c94e6c40734c
GET /it/u=3362560647,3704611622&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 45196
expires: Tue, 21 Feb 2023 04:07:29 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 3b1d9f70950fca5bbe8a59e8268bbbf8
age: 246183
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:07:28 GMT
ohc-cache-hit: dy2ct105 [4], czix217 [4]
ohc-file-size: 45196
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=453140522,3409094268&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
200 OK 5.5 kB URL HTTP/2 img2.baidu.com/it/u=453140522,3409094268&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 472e316bbe88dda76d8746a5691a477d
7c34fd3fc9f7393e389ff11cdea57f869339f613
3588a54296977ca9370cf3b161e6e1f7345cd84bade55172ead5d8bafedb10e0
GET /it/u=453140522,3409094268&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 02 Feb 2023 04:02:14 GMT
content-type: image/webp
content-length: 5500
expires: Mon, 20 Feb 2023 04:38:04 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 472e316bbe88dda76d8746a5691a477d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:38:04 GMT
ohc-cache-hit: dy2ct89 [1], czix147 [4]
ohc-file-size: 5500
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1261401628,3354072970&fm=253&app=138&f=JPEG?w=800&h=500
200 OK 105 kB URL HTTP/1.1 img1.baidu.com/it/u=1261401628,3354072970&fm=253&app=138&f=JPEG?w=800&h=500
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Size 105 kB (105378 bytes)
Hash adf786467b7238bf7213c698233242f0
d5210fc486ea09cc70f066c1486171515831d723
5a6097ed39ba39fef6da576f11e37b67587e38c8c722885271cb50394948e0cd
GET /it/u=1261401628,3354072970&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:13 GMT
Content-Type: image/jpeg
Content-Length: 105378
Connection: keep-alive
Expires: Thu, 16 Feb 2023 10:18:07 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: adf786467b7238bf7213c698233242f0
Age: 160879
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 10:18:07 GMT
Ohc-Cache-HIT: lf6ct51 [4], qdix157 [4]
Ohc-File-Size: 105378
X-Cache-Status: HIT
img0.baidu.com/it/u=2227940918,421168926&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 105 kB URL HTTP/1.1 img0.baidu.com/it/u=2227940918,421168926&fm=253&app=120&f=JPEG?w=1280&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 105 kB (105231 bytes)
Hash 98bb78ff83bbc20f5134d536c6a2086d
06ae2145d1bc3fd9316a3c181823fdfd8db273d9
77d70c77ff57f95bebdcda77a42f8d942170872bd48e3e07f64260838b3f1700
GET /it/u=2227940918,421168926&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 02 Feb 2023 04:02:14 GMT
Content-Type: image/jpeg
Content-Length: 105231
Connection: keep-alive
Expires: Sat, 04 Mar 2023 04:02:14 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 98bb78ff83bbc20f5134d536c6a2086d
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 04:02:14 GMT
Ohc-Cache-HIT: yy2ct79 [1], wzix117 [2]
Ohc-File-Size: 105231
X-Cache-Status: MISS
12803.url.tudown.com/template/company/moban/index_files/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/moban/index_files/favicon.ico
IP
ASN #137951 Clayer Limited
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 82255b6cc962e6ae6e19b381abacce63
89a73ff1e607fd4dfb5a4fc3d6e1d0d1ec4a2e8e
d7358a12adcb1b04c97af316d799cb4f4d807fe2901e8e162b5d101d4ac9d2d3
GET /template/company/moban/index_files/favicon.ico HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E8%8E%B2%E8%8A%B1ic%E8%AF%BB%E5%8D%A1%E5%99%A8pc%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7%20v2.0%20%E5%85%8D%E8%B4%B9%E7%BB%BF%E8%89%B2%E7%89%88@156_331519.exe
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675310556
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:02:15 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 31 Oct 2022 09:44:24 GMT
Connection: keep-alive
ETag: "635f98f8-47e"
Accept-Ranges: bytes
154.218.151.71
54.213.114.144
125.64.104.35
95.101.11.115
104.18.20.226