r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16267
Expires: Sat, 04 Feb 2023 16:24:57 GMT
Date: Sat, 04 Feb 2023 11:53:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19804
Expires: Sat, 04 Feb 2023 17:23:54 GMT
Date: Sat, 04 Feb 2023 11:53:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8019
Expires: Sat, 04 Feb 2023 14:07:29 GMT
Date: Sat, 04 Feb 2023 11:53:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 11:43:37 GMT
content-type: application/json
age: 613
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N0k39FnQrj4coGQGd/8W82vf4oXIi0gqLs9vue3R6/EzgdYMOf/GBL2sfvMtiMQoi2URYnU8nh0=
x-amz-request-id: 7S7BQAM4MHJXPW1Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 11:52:49 GMT
age: 61
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 11:53:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 11:07:19 GMT
age: 2791
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10438
Expires: Sat, 04 Feb 2023 14:47:48 GMT
Date: Sat, 04 Feb 2023 11:53:50 GMT
Connection: keep-alive
12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
154.218.151.71 200 OK 6.5 kB URL HTTP/1.1 12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 43748a4bea369f8491818a966eab3a49
33f633b3956a903a13399573cdd6769aae8c6ba8
9635017b7d061c3482382fce2f3d9f75b4e2ceee3d19651f135d622ef8b5a6ec
Analyzer Verdict Alert fortinet Malware
GET /down/cszmdyrj-v1.0@278_28616.exe HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
35.161.100.71 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.100.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ayclLGg4Xa6e5i5/ojDJ2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZhL+X+mwKW9tCgP6+0fy4zH9khA=
12376.url.tudown.com/template/company/42xz/css/common.css
154.218.151.71 200 OK 1.9 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/css/common.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:51 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sat, 04 Feb 2023 23:53:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12376.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12376.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12376.url.tudown.com/template/company/42xz/css/soft.css
154.218.151.71 200 OK 6.6 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:51 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sat, 04 Feb 2023 23:53:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12376.url.tudown.com/template/company/42xz/js/soft.js
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/js/soft.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:51 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sat, 04 Feb 2023 23:53:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12376.url.tudown.com/uploads/images/477746.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/477746.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/477746.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=908038505,1032752128&fm=224&app=112&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/69476.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/69476.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/69476.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3310195540,1263575997&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
12376.url.tudown.com/uploads/images/128441.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/128441.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/128441.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3081780896,2719685547&fm=253&app=120&f=JPEG?w=1280&h=800
12376.url.tudown.com/template/company/42xz/images/tab_line.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/images/tab_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
12376.url.tudown.com/uploads/images/206881.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/206881.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/206881.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1838941643,957432802&fm=224&app=112&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/logo.png?n=5gmlfzm7r3tlrl7fxcbonfnq42hkp2fox3s2jb7ft646rlvn4ww2nzvaue&w=250
154.218.151.71 200 OK 3.9 kB URL HTTP/1.1 12376.url.tudown.com/uploads/images/logo.png?n=5gmlfzm7r3tlrl7fxcbonfnq42hkp2fox3s2jb7ft646rlvn4ww2nzvaue&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash d3ee369e988a8de3e913f53b7430510b
ffd3d5e10f540d8543b0badc6086c284dc0276e0
3cff3ce2b3c9b7fbcf706c87f6420f07062a69233ff887b8f9e1de455dd956c0
GET /uploads/images/logo.png?n=5gmlfzm7r3tlrl7fxcbonfnq42hkp2fox3s2jb7ft646rlvn4ww2nzvaue&w=250 HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12376.url.tudown.com/template/company/42xz/images/dian1.png
154.218.151.71 200 OK 1.1 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/images/dian1.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7895
Expires: Sat, 04 Feb 2023 14:05:27 GMT
Date: Sat, 04 Feb 2023 11:53:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11016
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 11:53:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 49411
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 49399
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 49411
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nIp2nUVnamnoTpFwrN1L4K1dqjYvcDGuV2yFqYskkXb14k72AZsjMg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:41 GMT
age: 49511
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 50748
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 49222
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12376.url.tudown.com/template/company/42xz/js/jquery.js
154.218.151.71 200 OK 46 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:51 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sat, 04 Feb 2023 23:53:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
t14.baidu.com/it/u=1838941643,957432802&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 42 kB URL HTTP/1.1 t14.baidu.com/it/u=1838941643,957432802&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 799b9e912f9bd5eea69c5918109c22a7
39b768fd7f0483b1182c86b8f89db7cc04a36b74
d555473de78a0ed4c194cc0fb35b5f74ef0608a0a67a6f618055e2e5e6b1ea17
GET /it/u=1838941643,957432802&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpeg
Content-Length: 42352
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:08:28 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 799b9e912f9bd5eea69c5918109c22a7
Age: 2040324
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:08:27 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache55 [1], xaix181 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42352
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=908038505,1032752128&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 60 kB URL HTTP/1.1 t14.baidu.com/it/u=908038505,1032752128&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e148327006469e8cfc6d40f8111c9129
6d11d9ab0d0a7337a33414c81020a4b25b4462fc
3c5ab0b016eaa29fa8f82bb00f34b76ab07a2f727d66a5e460db791c7b5cdc28
GET /it/u=908038505,1032752128&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpeg
Content-Length: 59671
Connection: keep-alive
Expires: Fri, 10 Feb 2023 04:20:11 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e148327006469e8cfc6d40f8111c9129
Age: 2100821
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 04:20:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache55 [1], xiangyix127 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59671
X-Cache-Status: HIT
Timing-Allow-Origin: *
12376.url.tudown.com/uploads/images/195388.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/195388.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/195388.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=127871529,225979155&fm=253&fmt=auto?w=1280&h=800
12376.url.tudown.com/uploads/images/179621.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/179621.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/179621.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
12376.url.tudown.com/uploads/images/47840.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/47840.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/47840.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=869611468,2044692533&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/28261.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/28261.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/28261.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=32288669,1487455851&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/959387.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/959387.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/959387.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084
12376.url.tudown.com/uploads/images/451278.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/451278.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/451278.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2272406783,1529638526&fm=253&fmt=auto&app=138&f=JPEG?w=446&h=645
12376.url.tudown.com/uploads/images/272104.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/272104.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/272104.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=315753141,2478969794&fm=224&app=112&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/797085.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/797085.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/797085.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500
12376.url.tudown.com/uploads/images/859918.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/859918.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/859918.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2972579496,3186569706&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505
12376.url.tudown.com/uploads/images/492906.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/492906.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/492906.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1744832350,1255582713&fm=224&app=112&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/809070.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/809070.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/809070.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69
img2.baidu.com/it/u=3081780896,2719685547&fm=253&app=120&f=JPEG?w=1280&h=800
183.134.239.1 200 OK 89 kB URL HTTP/1.1 img2.baidu.com/it/u=3081780896,2719685547&fm=253&app=120&f=JPEG?w=1280&h=800
IP 183.134.239.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 6489d0b734a243e8c0408d736ac8e8fe
97537963de798fb1aa8c5a553329c61501a00ab8
e0e32507ac09b40b21f75307ec0288680cf77fbd15583840ab89d58249a84c3b
GET /it/u=3081780896,2719685547&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:52 GMT
Content-Type: image/jpeg
Content-Length: 89225
Connection: keep-alive
Expires: Fri, 03 Mar 2023 03:43:18 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 6489d0b734a243e8c0408d736ac8e8fe
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 03:43:18 GMT
Ohc-Cache-HIT: nb7ct55 [1], csix70 [2]
Ohc-File-Size: 89225
X-Cache-Status: MISS
img0.baidu.com/it/u=3310195540,1263575997&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
36.99.50.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=3310195540,1263575997&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a728848d661329716a109b323b63aa70
9120b1cedc49aa9197a5aa57e23a50807c2e5cf7
02460643c564c352bbb61927837cbc19163598329c11ef6a7bfd4b3bb8bcdd5f
GET /it/u=3310195540,1263575997&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:52 GMT
content-type: image/webp
content-length: 19678
expires: Sat, 04 Mar 2023 15:50:34 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: a728848d661329716a109b323b63aa70
age: 158598
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 15:50:34 GMT
ohc-cache-hit: zz6ct71 [4], qdix229 [1]
ohc-file-size: 19678
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=315753141,2478969794&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 63 kB URL HTTP/1.1 t14.baidu.com/it/u=315753141,2478969794&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d6096e99018f0423bb0ee47ab9b8ca89
a084fa2a452b770be993b4ab08aa41a5a7c2e55e
4370daf63edb9548aecc6939f868b6a0f289643d5b56f7feb2114e9a24bd4dcd
GET /it/u=315753141,2478969794&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 62887
Connection: keep-alive
Expires: Thu, 02 Mar 2023 08:20:30 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: d6096e99018f0423bb0ee47ab9b8ca89
Age: 356317
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 08:20:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache52 [1], bdix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62887
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1744832350,1255582713&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 48 kB URL HTTP/1.1 t14.baidu.com/it/u=1744832350,1255582713&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0d4daf34639847aa361887f0a6d07b16
e6be9dc60e8bd347e11eff01b9d467ff41367826
7d7baf9bfc84f6263c82ece4e7d0382c30d145da01113d571a62f5879bf612e8
GET /it/u=1744832350,1255582713&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 47799
Connection: keep-alive
Expires: Thu, 23 Feb 2023 19:17:40 GMT
Last-Modified: Sun, 18 Jan 1970 00:00:00 GMT
ETag: 0d4daf34639847aa361887f0a6d07b16
Age: 894588
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 19:17:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache63 [1], czix225 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47799
X-Cache-Status: HIT
Timing-Allow-Origin: *
12376.url.tudown.com/uploads/images/910783.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/910783.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/910783.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3322228878,3116350625&fm=224&app=112&f=JPEG?w=484&h=500
t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 25 kB URL HTTP/1.1 t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 0eec0e0237fb11b843dc4d8d177a8c89
7bc050b98ed0e2652d1398012acb8f0df8618c38
f5f9a5f0112d61f94c1746eb3611104f7a9c8bd714b351421f8b153acbbbc5ae
GET /it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 24858
Connection: keep-alive
Expires: Mon, 06 Mar 2023 11:53:53 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0eec0e0237fb11b843dc4d8d177a8c89
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 11:53:52 GMT
Ohc-Upstream-Trace: 180.97.33.13; 58.216.2.188; 58.20.204.58
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache58 [1], czix188 [4]
Ohc-Response-Time: 1 0 0 0 424 424
Ohc-File-Size: 24858
X-Cache-Status: MISS
Timing-Allow-Origin: *
t13.baidu.com/it/u=3322228878,3116350625&fm=224&app=112&f=JPEG?w=484&h=500
185.10.104.124 200 OK 13 kB URL HTTP/1.1 t13.baidu.com/it/u=3322228878,3116350625&fm=224&app=112&f=JPEG?w=484&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 484x500, components 3\012- data
Hash 5290f63c3d956b6921d0e9492ec507b3
4be813f013ef24610aab78d29334ef4ce70f4a2d
a0e1028cdf3fc177252c5658f95e32b163e96dac081b1bcfd7da5acb1f32536e
GET /it/u=3322228878,3116350625&fm=224&app=112&f=JPEG?w=484&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 13441
Connection: keep-alive
Expires: Tue, 21 Feb 2023 07:22:41 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: 5290f63c3d956b6921d0e9492ec507b3
Age: 1128370
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 07:22:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache65 [2], xaix66 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 13441
X-Cache-Status: HIT
Timing-Allow-Origin: *
12376.url.tudown.com/uploads/images/262383.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/262383.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/262383.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350
12376.url.tudown.com/uploads/images/788516.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/788516.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/788516.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=519815709,3255573034&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=316
12376.url.tudown.com/uploads/images/306589.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/306589.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/306589.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3959725375,3313888631&fm=253&app=120&f=JPEG?w=1422&h=800
12376.url.tudown.com/uploads/images/161303.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/161303.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/161303.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280
12376.url.tudown.com/uploads/images/508481.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/508481.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/508481.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1639438475,1882197635&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
img0.baidu.com/it/u=2272406783,1529638526&fm=253&fmt=auto&app=138&f=JPEG?w=446&h=645
36.99.50.35 200 OK 70 kB URL HTTP/2 img0.baidu.com/it/u=2272406783,1529638526&fm=253&fmt=auto&app=138&f=JPEG?w=446&h=645
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 446x645, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 381060c4faf8c016cbbad05f0fe8c27b
3d24be0c2dc7d265b29461f63b100732ad964f13
d0c6d4b728104474ed664c02612493d00e238ec07f4d9afa0690c418e9a86f3a
GET /it/u=2272406783,1529638526&fm=253&fmt=auto&app=138&f=JPEG?w=446&h=645 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 70422
expires: Sat, 04 Mar 2023 14:11:07 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 381060c4faf8c016cbbad05f0fe8c27b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 14:11:07 GMT
ohc-cache-hit: zz6ct72 [1], wzix106 [4]
ohc-file-size: 70422
x-cache-status: MISS
X-Firefox-Spdy: h2
12376.url.tudown.com/uploads/images/593374.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/593374.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/593374.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1843901330,3807841324&fm=253&app=120&f=JPEG?w=1280&h=800
img0.baidu.com/it/u=2972579496,3186569706&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505
36.99.50.35 200 OK 21 kB URL HTTP/2 img0.baidu.com/it/u=2972579496,3186569706&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x505, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 9b0ea70dc2286f6f408db1b5f77091cf
00f3e4dc18293a12d546e8f239971a40ad79347a
837641a474e347e754a7adbb87193ed90db878fdf099be262798abfe88b54bd3
GET /it/u=2972579496,3186569706&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 20918
expires: Fri, 24 Feb 2023 01:58:56 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9b0ea70dc2286f6f408db1b5f77091cf
age: 114319
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 01:58:56 GMT
ohc-cache-hit: zz6ct67 [4], xiangyix232 [4]
ohc-file-size: 20918
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69
36.99.50.35 200 OK 6.2 kB URL HTTP/2 img0.baidu.com/it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type GIF image data, version 89a, 92 x 69
Hash 294f94c4cbfea42f576157f4473c20e6
f4a0b4c2bf4c0db5e0fac27fba4c8b09288a9636
c0f27a04c32540e2dd1e1bb1b8d636d20b70a7135fef391bcbf8c44ff8fa763d
GET /it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/gif
content-length: 6229
expires: Fri, 24 Feb 2023 04:32:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 294f94c4cbfea42f576157f4473c20e6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 04:32:22 GMT
ohc-cache-hit: zz6ct61 [1], bdix61 [4]
ohc-file-size: 6229
x-cache-status: MISS
X-Firefox-Spdy: h2
12376.url.tudown.com/template/company/42xz/images/dian2.png
154.218.151.71 200 OK 1.1 kB URL HTTP/1.1 12376.url.tudown.com/template/company/42xz/images/dian2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
12376.url.tudown.com/uploads/images/99103.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/99103.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/99103.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
12376.url.tudown.com/uploads/images/685182.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/685182.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/685182.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2992948711,447729903&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=332
12376.url.tudown.com/uploads/images/705440.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/705440.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/705440.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2173673234,2380392281&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=635
img1.baidu.com/it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500
36.99.50.35 200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 522x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0496317610d9a5a22dd674e9dda46e62
18c20fa403f189926e3efac2c8a9b21fb6553598
b8c7507a59e2b67613259c11135aa9507b54b105e5e6d14ae766a46a354737db
GET /it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 14012
expires: Sun, 05 Mar 2023 07:17:23 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 0496317610d9a5a22dd674e9dda46e62
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 07:17:23 GMT
ohc-cache-hit: zz6ct56 [1], csix56 [4]
ohc-file-size: 14012
x-cache-status: MISS
X-Firefox-Spdy: h2
12376.url.tudown.com/uploads/images/933206.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/933206.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/933206.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1500249121,2745716627&fm=253&fmt=auto&app=138&f=GIF?w=160&h=120
img2.baidu.com/it/u=869611468,2044692533&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.50.35 200 OK 18 kB URL HTTP/2 img2.baidu.com/it/u=869611468,2044692533&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 9920523f64ec129033ea877614b68215
20401670743c327a7589ee2cf6ee221f08e52d92
f88cb45974e18e4975f18a138c00a8e86c5b672c30f6ac406e1244f565be80a5
GET /it/u=869611468,2044692533&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 17778
expires: Wed, 15 Feb 2023 20:11:45 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 9920523f64ec129033ea877614b68215
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 20:11:45 GMT
ohc-cache-hit: zz6ct65 [1], qdix174 [4]
ohc-file-size: 17778
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=32288669,1487455851&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.50.35 200 OK 23 kB URL HTTP/2 img2.baidu.com/it/u=32288669,1487455851&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 73ca242cae5b8add3160b4d9ef5a1112
4d02e5cbb085b215af0cedda460bcd2e8a21e637
c52ae91b1b86318bfbf78c641a772402d1e01c8c87d00b5f146564ea3f665932
GET /it/u=32288669,1487455851&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 23346
expires: Wed, 22 Feb 2023 01:20:42 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 73ca242cae5b8add3160b4d9ef5a1112
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:20:42 GMT
ohc-cache-hit: zz6ct56 [1], czix150 [4]
ohc-file-size: 23346
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 7488909a096d71c9bd5c8cc0b8d467df
5c526042773a614fc62339c3012e54f6408ff263
aa8a68051841e4363951066750354e4af8d8aab6daa0afd4316d2385194bf3d3
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12376.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 11:53:53 GMT
Etag: a627869e7e8ef9fa0e2af3255c1fb5e6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EA9B027B01F584FB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
t14.baidu.com/it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 8.9 kB URL HTTP/1.1 t14.baidu.com/it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3
Hash 834c42b216324f9eff74e3e8e36dd668
fe2fff80b74c51915ab7ecfd1da11ecb6a1b9fb1
eb419c0c16a35dbcf289e22f69849f4ed8730c6629eccf5a327c9a18e4f3cad6
GET /it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 8906
Connection: keep-alive
Expires: Mon, 06 Mar 2023 09:16:44 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 834c42b216324f9eff74e3e8e36dd668
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 09:16:44 GMT
Ohc-Upstream-Trace: 58.20.204.61
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache61 [4], xaix108 [4]
Ohc-Response-Time: 1 0 0 0 359 359
Ohc-File-Size: 8906
X-Cache-Status: MISS
Timing-Allow-Origin: *
img2.baidu.com/it/u=3959725375,3313888631&fm=253&app=120&f=JPEG?w=1422&h=800
183.134.239.1 200 OK 183 kB URL HTTP/1.1 img2.baidu.com/it/u=3959725375,3313888631&fm=253&app=120&f=JPEG?w=1422&h=800
IP 183.134.239.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3
Size 183 kB (182993 bytes)
Hash 14a3f58a5e1b5c012902bdf2a6f05f67
cf40f1b836706f0074817f482f0bde067fa55a98
785374fa3178733f3bb25e6bc1eb5c021589ad8febe342c9e3ab01a9293ffb85
GET /it/u=3959725375,3313888631&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 182993
Connection: keep-alive
Expires: Thu, 09 Feb 2023 05:51:45 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 14a3f58a5e1b5c012902bdf2a6f05f67
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 05:51:45 GMT
Ohc-Cache-HIT: nb7ct51 [2], wzix67 [4]
Ohc-File-Size: 182993
X-Cache-Status: MISS
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 9b1db69b3836148e93f0b9331a63e4bd
4f3a4a41b5815ea9619d66e818623de9c6faba5f
fe984e42b04a36d84598d456ba0ce9aed281b8e96f6020800f3b61f94b5fe039
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 11:09:32 GMT
ETag: "4f3a4a41b5815ea9619d66e818623de9c6faba5f"
Last-Modified: Sat, 04 Feb 2023 11:09:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7943355f6a860b31-OSL
img1.baidu.com/it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084
36.99.50.35 200 OK 65 kB URL HTTP/2 img1.baidu.com/it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1084, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ed522e4d49dbacc619ac8541ee8ade8e
f4a685c86d599c2cadfd67ed47c24aa36fffc45a
459b3fa719ebea3ac367e5a45e7f0c255990ef8622c0531e7ae42dec174e3031
GET /it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 65404
expires: Thu, 02 Mar 2023 09:35:30 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ed522e4d49dbacc619ac8541ee8ade8e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 09:35:30 GMT
ohc-cache-hit: zz6ct57 [1], xiangyix80 [2]
ohc-file-size: 65404
x-cache-status: MISS
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
182.61.201.94 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 11:53:53 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 11:53:53 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=C00797245AEC5068522D472683562E3C:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 11:53:53 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12376.url.tudown.com/uploads/images/253999.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/253999.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/253999.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2577836852,1200469003&fm=224&app=112&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/597130.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/597130.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/597130.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500
12376.url.tudown.com/uploads/images/11379.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/11379.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/11379.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=12062494,947302549&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=127871529,225979155&fm=253&fmt=auto?w=1280&h=800
36.99.50.35 200 OK 121 kB URL HTTP/2 img1.baidu.com/it/u=127871529,225979155&fm=253&fmt=auto?w=1280&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp
Size 121 kB (121416 bytes)
Hash f6f213fab73e6672a42445ef59cb49ca
4aaf29f20a7486b0db746239cb02e544926065e8
539e1a956b63ee657eb55894bd7129444afffd1f0ae35f7fb7224cc53555a1ae
GET /it/u=127871529,225979155&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 121416
expires: Wed, 01 Mar 2023 11:03:44 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f6f213fab73e6672a42445ef59cb49ca
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 11:03:44 GMT
ohc-cache-hit: zz6ct56 [2], csix90 [2]
ohc-file-size: 121416
x-cache-status: MISS
X-Firefox-Spdy: h2
12376.url.tudown.com/uploads/images/811115.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/811115.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/811115.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3726913625,88149401&fm=224&app=112&f=JPEG?w=500&h=500
12376.url.tudown.com/uploads/images/732939.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/732939.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/732939.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3559670237,3663502196&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img2.baidu.com/it/u=519815709,3255573034&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=316
36.99.50.35 200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=519815709,3255573034&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=316
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x316, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 1d943fa3a4518100741ae52ce7f1b1ab
6ba72f6dd56fe2c4bced4498ab09d77f8f74606b
d2e4ce27aea252c26d4c6c7e9a58fa5201e4fa5d7c3e32faa7e75ee9d16d757d
GET /it/u=519815709,3255573034&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=316 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 12846
expires: Mon, 20 Feb 2023 01:24:07 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1d943fa3a4518100741ae52ce7f1b1ab
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 01:24:07 GMT
ohc-cache-hit: zz6ct61 [1], bdix233 [4]
ohc-file-size: 12846
x-cache-status: MISS
X-Firefox-Spdy: h2
12376.url.tudown.com/uploads/images/79410.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/79410.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/79410.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=888592366,3557183999&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
img0.baidu.com/it/u=1639438475,1882197635&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
36.99.50.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1639438475,1882197635&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 17a6c1142f44a42ac413e2cca68d3c35
0a570de55a41a0bfea71e7886037721bfa3cc322
5980c2e3ebdc62b39823c9d81e7b91902d4f530ad8e4ee52de534ec5f2fbbe01
GET /it/u=1639438475,1882197635&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 18430
expires: Tue, 14 Feb 2023 12:55:25 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 17a6c1142f44a42ac413e2cca68d3c35
age: 338528
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 12:55:25 GMT
ohc-cache-hit: zz6ct60 [4], xaix82 [4]
ohc-file-size: 18430
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2577836852,1200469003&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 25 kB URL HTTP/1.1 t14.baidu.com/it/u=2577836852,1200469003&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 6aaf07c307ebbe92104a99be32208b67
9959d4b11635d5e49a5a8b63eafac4f17f984f77
ad047ba86d066d651b3a0a6be90fa06b3e665bf872710d9f7ab963e10bf4c60b
GET /it/u=2577836852,1200469003&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 24923
Connection: keep-alive
Expires: Sat, 04 Feb 2023 15:02:14 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 6aaf07c307ebbe92104a99be32208b67
Age: 28303
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 15:02:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache63 [1], suzix86 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24923
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2992948711,447729903&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=332
36.99.50.35 200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=2992948711,447729903&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=332
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x332, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 14f76fbb7f05c07d6516476577c4c7b8
6015b623ff1b510bf2a8ae43b23d4fa0ba8e556a
7b299aac647973c44592976853f061137390dea774d2685180f8c9ea55e3a6f1
GET /it/u=2992948711,447729903&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=332 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 30788
expires: Tue, 28 Feb 2023 10:09:27 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 14f76fbb7f05c07d6516476577c4c7b8
age: 338522
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 10:09:27 GMT
ohc-cache-hit: zz6ct50 [4], suzix99 [4]
ohc-file-size: 30788
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2173673234,2380392281&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=635
36.99.50.35 200 OK 29 kB URL HTTP/2 img1.baidu.com/it/u=2173673234,2380392281&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=635
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x635, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 8e45959d9d2824f198547a3976f94008
9f3279fe9ca92952d64f09b34bc78ec74adec0f5
2395669b7da118e77420c021aee8e389c78216a89c8cd5f3114c263dc0edca10
GET /it/u=2173673234,2380392281&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=635 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/webp
content-length: 28944
expires: Mon, 13 Feb 2023 13:26:04 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 8e45959d9d2824f198547a3976f94008
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 14 Jan 2023 13:26:04 GMT
ohc-cache-hit: zz6ct65 [1], xiangyix176 [4]
ohc-file-size: 28944
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1500249121,2745716627&fm=253&fmt=auto&app=138&f=GIF?w=160&h=120
36.99.50.35 200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=1500249121,2745716627&fm=253&fmt=auto&app=138&f=GIF?w=160&h=120
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type GIF image data, version 89a, 160 x 120
Hash 0e37a977fb10a1fd9931929d204a8ef9
dded2359d46373e0ebe024dbb7f30e9ce87c8946
769c482dd5f998e12c8e915ec25fdcab316f5649ca5c0a81f6fc49b2f381d048
GET /it/u=1500249121,2745716627&fm=253&fmt=auto&app=138&f=GIF?w=160&h=120 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: image/gif
content-length: 14468
expires: Tue, 21 Feb 2023 21:12:45 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0e37a977fb10a1fd9931929d204a8ef9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 21:12:45 GMT
ohc-cache-hit: zz6ct52 [1], suzix167 [4]
ohc-file-size: 14468
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1830984283&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2F12376.url.tudown.com%2Fdown%2Fcszmdyrj-v1.0%40278_28616.exe&tt=%E8%A1%97%E6%9C%BA%E9%87%91%E8%9F%BE%E6%8D%95%E9%B1%BC%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1830984283&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2F12376.url.tudown.com%2Fdown%2Fcszmdyrj-v1.0%40278_28616.exe&tt=%E8%A1%97%E6%9C%BA%E9%87%91%E8%9F%BE%E6%8D%95%E9%B1%BC%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1830984283&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2F12376.url.tudown.com%2Fdown%2Fcszmdyrj-v1.0%40278_28616.exe&tt=%E8%A1%97%E6%9C%BA%E9%87%91%E8%9F%BE%E6%8D%95%E9%B1%BC%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12376.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 11:53:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=99171D716DBE7FCD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
t15.baidu.com/it/u=12062494,947302549&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=12062494,947302549&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 4a8c7490198503b7631759b00e7e4d4e
767a8265ea2a6845c6e562ef16011652dca9627f
ae4b83062c6dd3d43538ac97292d76fe172b398eaaa3c1dabc0e3a98880aac8c
GET /it/u=12062494,947302549&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 54259
Connection: keep-alive
Expires: Fri, 17 Feb 2023 10:49:41 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4a8c7490198503b7631759b00e7e4d4e
Age: 1417020
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 10:49:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache55 [1], xiangyix119 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 54259
X-Cache-Status: HIT
Timing-Allow-Origin: *
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
180.97.251.250 200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12376.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 11:45:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 11:45:27 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675511127
via: cache18.l2ea120-8[72,72,200-0,M], cache39.l2ea120-8[74,0], cache8.cn2205[0,0,200-0,H], cache7.cn2205[1,0]
age: 507
x-cache: HIT TCP_MEM_HIT dirn:12:866010294
x-swift-savetime: Sat, 04 Feb 2023 11:45:27 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb1b16755116342233117e
X-Firefox-Spdy: h2
12376.url.tudown.com/uploads/images/759676.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/759676.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/759676.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3469286897,2535966638&fm=253&app=120&f=JPEG?w=1422&h=800
img2.baidu.com/it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500
36.99.50.35 200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 401x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f2745717577c64cd21801437e5308224
743a20ba94f115f9c7845f5424fe8d0bbdedc6b8
e0172dd8158c7baa6b147cefb3a602628dd57b422f3be54f2530d24b29787ed9
GET /it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:54 GMT
content-type: image/webp
content-length: 12890
expires: Wed, 22 Feb 2023 03:21:40 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f2745717577c64cd21801437e5308224
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:21:40 GMT
ohc-cache-hit: zz6ct70 [1], suzix151 [4]
ohc-file-size: 12890
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280
49.79.225.35 200 OK 130 kB URL HTTP/1.1 img1.baidu.com/it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1280, components 3
Size 130 kB (129574 bytes)
Hash 344dc49c2917924fd4f9a76cc76bdd66
0349335998ee5ef1c701adab79853cbfa115f6e0
2b486a422d08881ca5bceb53b1b6738c5bbfab56589c9f7ec987483c497ed013
GET /it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: image/jpeg
Content-Length: 129574
Connection: keep-alive
Expires: Thu, 16 Feb 2023 20:55:35 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 344dc49c2917924fd4f9a76cc76bdd66
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 20:55:35 GMT
Ohc-Cache-HIT: ntct57 [1], xiangyix120 [2]
Ohc-File-Size: 129574
X-Cache-Status: MISS
img2.baidu.com/it/u=3559670237,3663502196&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
36.99.50.35 200 OK 41 kB URL HTTP/2 img2.baidu.com/it/u=3559670237,3663502196&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash de6e9bacae9ae65a905ce745d3414605
bb32d76cd2498533fcf692adfd07fd07634b9989
f2e0c69376ba429c56c1a20eeb17c7e585a64dc699267f2d176f234fba4b1ef2
GET /it/u=3559670237,3663502196&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:54 GMT
content-type: image/webp
content-length: 40722
expires: Fri, 24 Feb 2023 07:04:59 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: de6e9bacae9ae65a905ce745d3414605
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 07:04:59 GMT
ohc-cache-hit: zz6ct60 [1], xaix232 [2]
ohc-file-size: 40722
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=888592366,3557183999&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
36.99.50.35 200 OK 37 kB URL HTTP/2 img1.baidu.com/it/u=888592366,3557183999&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c9ffb9b829768f03f285b207d0bc9c83
c9c50de4d59c36e352df36cbd43203c0d30532a8
1d7142c87054a57b3b486996785e7d8c637a34cc740cd837dea4007bb473e20c
GET /it/u=888592366,3557183999&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:54 GMT
content-type: image/webp
content-length: 37142
expires: Thu, 23 Feb 2023 12:21:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c9ffb9b829768f03f285b207d0bc9c83
age: 115276
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 12:21:05 GMT
ohc-cache-hit: zz6ct59 [4], xiangyix125 [2]
ohc-file-size: 37142
x-cache-status: HIT
X-Firefox-Spdy: h2
12376.url.tudown.com/uploads/images/34625.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/34625.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/34625.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3617529929,2710815027&fm=253&fmt=auto&app=138&f=PNG?w=229&h=499
12376.url.tudown.com/uploads/images/26999.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/26999.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/26999.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500
12376.url.tudown.com/uploads/images/221237.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/221237.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/221237.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=46448023,4054105294&fm=224&app=112&f=PNG?w=500&h=500
12376.url.tudown.com/uploads/images/141976.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/141976.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/141976.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2900397427,2165033643&fm=253&app=120&f=JPEG?w=1280&h=800
12376.url.tudown.com/uploads/images/810018.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/810018.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/810018.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=978985026,6018069&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=978985026,6018069&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=978985026,6018069&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 54324b8ec721454c8a10dd323307903f
3934788c62c59c466f1494b4acee545c65f0f0ae
02f5584170e0b2ed673b460b1373c15ad544e8c5f8ea1a5c6de35629c488070a
GET /it/u=978985026,6018069&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 46865
Connection: keep-alive
Expires: Mon, 06 Feb 2023 06:17:30 GMT
Last-Modified: Mon, 19 Jan 1970 00:00:00 GMT
ETag: 54324b8ec721454c8a10dd323307903f
Age: 2100833
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 06:17:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache59 [4], czix100 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46865
X-Cache-Status: HIT
Timing-Allow-Origin: *
12376.url.tudown.com/uploads/images/277348.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/277348.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/277348.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2804370413,2977445816&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 110 kB URL HTTP/1.1 img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3
Size 110 kB (110507 bytes)
Hash dddde5d2afcb3641203aa140b9ac2ef8
e114f57c0b4f739e1da1962bcac7301a8c9e25fe
483cf231ac0d0c50b8fbeb47713f4884226a5cc0a4afe0d28caa0ccb2a651caf
GET /it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 110507
Connection: keep-alive
Expires: Sat, 04 Mar 2023 01:02:17 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: dddde5d2afcb3641203aa140b9ac2ef8
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 01:02:17 GMT
Ohc-Cache-HIT: ntct65 [1], csix116 [4]
Ohc-File-Size: 110507
X-Cache-Status: MISS
t14.baidu.com/it/u=46448023,4054105294&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124 200 OK 196 kB URL HTTP/1.1 t14.baidu.com/it/u=46448023,4054105294&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 196 kB (195517 bytes)
Hash be0ba1bd4ba6ff99271cdd3f7f6643e9
a2c98894455c03d63b018b1111a7ba4a9d97e24c
5954aad10b50a458c0f4309a46c682aaac7930c4361695a17c065fd8e94d23fe
GET /it/u=46448023,4054105294&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/png
Content-Length: 195517
Connection: keep-alive
Expires: Thu, 09 Feb 2023 13:15:39 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: be0ba1bd4ba6ff99271cdd3f7f6643e9
Age: 2040336
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 13:15:39 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache56 [3], suzix180 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 195517
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3617529929,2710815027&fm=253&fmt=auto&app=138&f=PNG?w=229&h=499
36.99.50.35 200 OK 13 kB URL HTTP/2 img0.baidu.com/it/u=3617529929,2710815027&fm=253&fmt=auto&app=138&f=PNG?w=229&h=499
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image\012- data
Hash ecf496ad73d93bdf6b3d289402c0d139
5d71bb727b8acccdd29d3849e1401407cc198249
a0561b0e84096ad68da16dfe7775dd2a5be48471807b22dbff7ddc0fc2f10bf5
GET /it/u=3617529929,2710815027&fm=253&fmt=auto&app=138&f=PNG?w=229&h=499 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:54 GMT
content-type: image/webp
content-length: 12600
expires: Mon, 20 Feb 2023 10:27:45 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ecf496ad73d93bdf6b3d289402c0d139
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 10:27:45 GMT
ohc-cache-hit: zz6ct55 [1], czix139 [4]
ohc-file-size: 12600
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500
36.99.50.35 200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 769x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dafd810c22e1f6b604afe4d4c8604184
36b6cbc9a894c207bb3cb8122f2d01755deb34ca
9c13d4e76855c06dd3a7df785442295028de1237874477cb8c26ab703d35630f
GET /it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:54 GMT
content-type: image/webp
content-length: 41700
expires: Thu, 02 Mar 2023 01:56:43 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: dafd810c22e1f6b604afe4d4c8604184
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 01:56:43 GMT
ohc-cache-hit: zz6ct72 [1], xaix175 [4]
ohc-file-size: 41700
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=3726913625,88149401&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 29 kB URL HTTP/1.1 t14.baidu.com/it/u=3726913625,88149401&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1bc473202456b45a81f1f69cc2fe27d0
fd93af6e493e4c3b9c6a2aa0c071b391fe8e518e
bfc57e989187bd2fd850f453bccd56852742e208a36e0674bb95517c13784e06
GET /it/u=3726913625,88149401&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 28949
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:50:33 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 1bc473202456b45a81f1f69cc2fe27d0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 02:50:33 GMT
Ohc-Upstream-Trace: 58.216.2.215; 58.20.204.50
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [1], zhuzuncache50 [1], czix215 [4]
Ohc-Response-Time: 1 0 0 0 475 475
Ohc-File-Size: 28949
X-Cache-Status: MISS
Timing-Allow-Origin: *
12376.url.tudown.com/uploads/images/196726.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/196726.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/196726.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1944925917,794003696&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583
12376.url.tudown.com/uploads/images/175926.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/175926.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/175926.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=946290660,1722004426&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=889
12376.url.tudown.com/uploads/images/918586.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12376.url.tudown.com/uploads/images/918586.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/918586.jpg HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=73864632,2597310&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=740
img0.baidu.com/it/u=1843901330,3807841324&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.50.35 200 OK 139 kB URL HTTP/1.1 img0.baidu.com/it/u=1843901330,3807841324&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 139 kB (138628 bytes)
Hash 3e064b447f3b392b8248b4049fdf1ea9
1b27c603aa9956ab71e12506be1b565ed8677335
5db2f271569fbd88242e3c4a9cad59a5b050a827daf144869036c950983423cf
GET /it/u=1843901330,3807841324&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 138628
Connection: keep-alive
Expires: Tue, 14 Feb 2023 11:21:13 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 3e064b447f3b392b8248b4049fdf1ea9
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 11:21:13 GMT
Ohc-Cache-HIT: zz6ct64 [2], suzix236 [2]
Ohc-File-Size: 138628
X-Cache-Status: MISS
api.share.baidu.com/s.gif?l=http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
180.101.212.103 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 11:53:54 GMT
img2.baidu.com/it/u=2804370413,2977445816&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
36.99.50.35 200 OK 51 kB URL HTTP/2 img2.baidu.com/it/u=2804370413,2977445816&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0157816c7e50e4ebb2ae407c8baa1f2a
256c5cbd7b33a1af50e913f3942ceb9d928de43e
3e2837be5f644e54d8e88aff01231028d70f0c17c039111a6e3a60cbd4babaa5
GET /it/u=2804370413,2977445816&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:54 GMT
content-type: image/webp
content-length: 50872
expires: Sat, 04 Mar 2023 08:34:33 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 0157816c7e50e4ebb2ae407c8baa1f2a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 08:34:33 GMT
ohc-cache-hit: zz6ct50 [1], xiangyix89 [4]
ohc-file-size: 50872
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2900397427,2165033643&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.50.35 200 OK 88 kB URL HTTP/1.1 img0.baidu.com/it/u=2900397427,2165033643&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash f2b1799cadf0991b506177d64deeb4d2
a2b06e353ae5c1bfd7eaa55db302c1f4778035a8
5d22b4592aab8e64ba4e9da5006f95afa1bf006939b9cc1162e2937c67792db9
GET /it/u=2900397427,2165033643&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 87882
Connection: keep-alive
Expires: Fri, 24 Feb 2023 03:02:42 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f2b1799cadf0991b506177d64deeb4d2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 03:02:42 GMT
Ohc-Cache-HIT: zz6ct72 [1], bdix120 [4]
Ohc-File-Size: 87882
X-Cache-Status: MISS
img2.baidu.com/it/u=946290660,1722004426&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=889
36.99.50.35 200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=946290660,1722004426&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=889
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a8a1083239ceadbf0f5d895b06596dc
e230ad849b9532510391a7fb9afe199a63cb91b7
5fef025ff5bf259e36d0866c553e039914cc831a0850bd0e2e4b770d90b62540
GET /it/u=946290660,1722004426&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:55 GMT
content-type: image/webp
content-length: 41796
expires: Wed, 22 Feb 2023 02:38:26 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 2a8a1083239ceadbf0f5d895b06596dc
age: 16720
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:38:26 GMT
ohc-cache-hit: zz6ct55 [4], xiangyix240 [2]
ohc-file-size: 41796
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1944925917,794003696&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583
36.99.50.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=1944925917,794003696&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x583, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4d9efbbaf5f7d7355dda889bca418784
56e45da0a0de5428e93ad87ffc6f50c350dcdaef
4646afe063dbe7ce07e848e75748690e334b92e656aca3e89f84fd45bbfc8555
GET /it/u=1944925917,794003696&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=583 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:55 GMT
content-type: image/webp
content-length: 19934
expires: Sat, 18 Feb 2023 03:20:20 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 4d9efbbaf5f7d7355dda889bca418784
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 03:20:20 GMT
ohc-cache-hit: zz6ct53 [1], qdix218 [4]
ohc-file-size: 19934
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=73864632,2597310&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=740
36.99.50.35 200 OK 42 kB URL HTTP/2 img0.baidu.com/it/u=73864632,2597310&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=740
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x740, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0cfb562613842e618985f47b01a8781d
62e3f2559cb2996055ec86205715dd0b852bd925
377b3704139a97f470963909be03e1e176a55e8b8f7d47055efac8fdb7b6502b
GET /it/u=73864632,2597310&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=740 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12376.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:55 GMT
content-type: image/webp
content-length: 42436
expires: Wed, 22 Feb 2023 07:40:06 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0cfb562613842e618985f47b01a8781d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 07:40:06 GMT
ohc-cache-hit: zz6ct51 [1], xaix103 [4]
ohc-file-size: 42436
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3469286897,2535966638&fm=253&app=120&f=JPEG?w=1422&h=800
49.79.225.35 200 OK 314 kB URL HTTP/1.1 img1.baidu.com/it/u=3469286897,2535966638&fm=253&app=120&f=JPEG?w=1422&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 314 kB (314327 bytes)
Hash 8b5f05d10564c54c0f870b26e9a4dfe1
77026005c58494002ec35d9549b9cd0621039bb7
043b2b34ca7c2db406436e53af146bdd6c36e52c03f9f4b1d8d35c51387209d0
GET /it/u=3469286897,2535966638&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12376.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: image/jpeg
Content-Length: 314327
Connection: keep-alive
Expires: Thu, 23 Feb 2023 11:46:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 8b5f05d10564c54c0f870b26e9a4dfe1
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 11:46:38 GMT
Ohc-Cache-HIT: ntct50 [2], czix213 [2]
Ohc-File-Size: 314327
X-Cache-Status: MISS
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
101.198.192.8 200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 12:03:56 GMT
KCS-Via: REVALIDATED from w-fc02.hkht;REVALIDATED from w-sc01.hkht
Content-Encoding: gzip
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.11 200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.11:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u9DjtdYM8ovIiSqnEPwmPaapqtxBRuym7ALT1TSNz-BAdCERMkvkng==
Age: 11354731
12376.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12376.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12376.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/down/cszmdyrj-v1.0@278_28616.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675511669; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675511669
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
s.360.cn/so/zz.gif?url=http%3A%2F%2F12376.url.tudown.com%2Fdown%2Fcszmdyrj-v1.0%40278_28616.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a621661802e_38a792b@900.
171.8.167.90 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12376.url.tudown.com%2Fdown%2Fcszmdyrj-v1.0%40278_28616.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a621661802e_38a792b@900.
IP 171.8.167.90:0
ASN #137687 Luoyang, Henan Province, P.R.China.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12376.url.tudown.com%2Fdown%2Fcszmdyrj-v1.0%40278_28616.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a621661802e_38a792b@900. HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12376.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Mon, 29 Oct 2018 06:07:13 GMT
Connection: keep-alive
ETag: "5bd6a391-0"
Accept-Ranges: bytes