r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8530
Expires: Mon, 23 Jan 2023 11:33:08 GMT
Date: Mon, 23 Jan 2023 09:10:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13862
Expires: Mon, 23 Jan 2023 13:02:00 GMT
Date: Mon, 23 Jan 2023 09:10:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9392
Expires: Mon, 23 Jan 2023 11:47:30 GMT
Date: Mon, 23 Jan 2023 09:10:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 08:34:59 GMT
content-type: application/json
age: 2159
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7ub/w72IkyIC9CLeAIKuiqjMnwcaV/PEbibeyAQ9sXjnkagFoRLhWMgCykpaVGBlvYROPTLvt6k=
x-amz-request-id: M7J14ZHD0P64W9BC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 08:18:46 GMT
age: 3132
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 09:10:58 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 08:48:59 GMT
age: 1319
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3364
Cache-Control: max-age=89513
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:10:58 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:02:51 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
154.218.151.71 200 OK 8.5 kB URL HTTP/1.1 12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash c9ebaf45be25b37ec5011d96d18c43ea
0ad0333d9b7f030d9504a64b39f7a71ce34180fe
e8764bbec260e4bff372e76943753838912ac2ec5ef283ae717e8ca9cf5d8e44
Analyzer Verdict Alert fortinet Malware
GET /down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.34.149.78 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.149.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vCAi7Jp2uN9r+o+oAdb89A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cWaKQir78IEKhs3XQjDR9lbR0Ag=
12827.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12827.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12827.url.tudown.com/template/company/955yx/js/searchword.js
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/js/searchword.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12827.url.tudown.com/template/company/955yx/js/week_rank.js
154.218.151.71 200 OK 656 B URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/js/week_rank.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12827.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
154.218.151.71 200 OK 41 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12827.url.tudown.com/template/company/955yx/js/script_index2.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/js/script_index2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12827.url.tudown.com/template/company/955yx/js/api.js
154.218.151.71 200 OK 22 B URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/js/api.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12827.url.tudown.com/template/company/955yx/js/gb.js
154.218.151.71 200 OK 7.7 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/js/gb.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12827.url.tudown.com/template/company/955yx/css/gb.css
154.218.151.71 200 OK 47 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/css/gb.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:10:59 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Mon, 23 Jan 2023 21:10:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12827.url.tudown.com/static/api/http://12827.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465128
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12827.url.tudown.com/static/api/http://12827.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465128
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Malware
GET /static/api/http://12827.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465128 HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8671
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:11:00 GMT
Connection: keep-alive
12827.url.tudown.com/uploads/images/884202.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/884202.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/884202.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334
12827.url.tudown.com/uploads/images/900232.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/900232.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/900232.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419
12827.url.tudown.com/uploads/images/526291.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/526291.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/526291.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/521839.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/521839.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/521839.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4221483770,3346717559&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=112
12827.url.tudown.com/uploads/images/968596.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/968596.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/968596.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3750759632,2867585220&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: keWFs-Nhkuz7lUygleMuZ8TqK5mbLbs8IvnNtlNqknIW12DwwgswKg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:03 GMT
age: 40497
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/930348.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/930348.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/930348.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 40994
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9hYFY_BBaMWiasXJJzYqTe2Rb2fH06yFE0vuinlYA2V_lUaDjfmbg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:39 GMT
age: 36081
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:53:50 GMT
age: 4630
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 05:41:35 GMT
age: 12565
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: 10422f29-dc81-41f9-b03e-76fb2b0f4f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2vnHFT9oAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c62d-780503606bec4fff6e911fc8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:48:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bcQqOfvj5pAZj--Zx6PFaG7j5ei1DbbIzS90vaApoWwFWrxeLri4Ow==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:11:12 GMT
age: 7188
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aff1c8f8bde400381877e95444ca236d
c532f6f9daa1d1685b4a4b75c2ab171f1731f78e
02cbcddfab60c295e61e716b7880c5acc66533a2cc2b151b4c9674109eacb71a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CBCDDFAB60C295E61E716B7880C5ACC66533A2CC2B151B4C9674109EACB71A"
Last-Modified: Mon, 23 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20898
Expires: Mon, 23 Jan 2023 14:59:18 GMT
Date: Mon, 23 Jan 2023 09:11:00 GMT
Connection: keep-alive
12827.url.tudown.com/template/company/955yx/images/home.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/images/home.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
12827.url.tudown.com/template/company/955yx/images/litterstar.png
154.218.151.71 200 OK 1.7 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/images/litterstar.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
12827.url.tudown.com/uploads/images/266068.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/266068.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/266068.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347
12827.url.tudown.com/uploads/images/330404.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/330404.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/330404.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/423776.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/423776.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/423776.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=530036558,72801814&fm=224&app=112&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/254313.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/254313.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/254313.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438
12827.url.tudown.com/uploads/images/593128.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/593128.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/593128.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2631573473,666173050&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=463
12827.url.tudown.com/uploads/images/562898.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/562898.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/562898.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/506502.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/506502.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/506502.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2622658694,1939230454&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
12827.url.tudown.com/uploads/images/856650.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/856650.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/856650.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1626765478,2369180963&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 96426b8d462171c1ea848ea196db325a
25b8fc5a23d0bf02a3809d59472cd972d8528ab6
6941e1fb273720cda3a858c32e07289afe914597d6f991523de4d318213daa37
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 27 Jan 2023 05:47:17 GMT
ETag: "25b8fc5a23d0bf02a3809d59472cd972d8528ab6"
Last-Modified: Mon, 23 Jan 2023 05:47:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2590
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78df6646bf950b41-OSL
12827.url.tudown.com/template/company/955yx/images/bgs.png
154.218.151.71 200 OK 101 kB URL HTTP/1.1 12827.url.tudown.com/template/company/955yx/images/bgs.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
12827.url.tudown.com/uploads/images/309612.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/309612.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/309612.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2878296536,4083295682&fm=253&fmt=auto&app=138&f=PNG?w=500&h=616
12827.url.tudown.com/uploads/images/35340.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/35340.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/35340.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4178548648,1947150244&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500
12827.url.tudown.com/uploads/images/892720.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/892720.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/892720.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
12827.url.tudown.com/uploads/images/941396.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/941396.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/941396.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1834317089,2799984320&fm=253&fmt=auto&app=138&f=JPG?w=333&h=500
12827.url.tudown.com/uploads/images/673039.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/673039.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/673039.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3872209673,3493442305&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=458
12827.url.tudown.com/uploads/images/755615.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/755615.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/755615.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3514492225,2442909263&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
12827.url.tudown.com/uploads/images/800827.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/800827.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/800827.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
54.230.111.31 200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP 54.230.111.31:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12827.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Thu, 24 Nov 2022 04:21:47 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Sun, 21 Nov 2032 04:21:47 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fng_CIjJDiyhrwcPsDElBU0MZyEny6DJvJJRHilnI0OmCmq87DQNOQ==
age: 5201354
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
182.61.201.94 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 23 Jan 2023 09:11:01 GMT
Etag: "4078521116"
Expires: Tue, 23 Jan 2024 09:11:01 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=091A6A061868FEF492AB39760C0B4902:FG=1; max-age=31536000; expires=Tue, 23-Jan-24 09:11:01 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12827.url.tudown.com/uploads/images/92133.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/92133.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/92133.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1487829232,3841643433&fm=253&app=120&f=JPEG?w=1280&h=800
12827.url.tudown.com/uploads/images/994849.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/994849.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/994849.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/581714.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/581714.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/581714.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421
12827.url.tudown.com/uploads/images/932240.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/932240.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/932240.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3159253724,3730094948&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
12827.url.tudown.com/uploads/images/454967.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/454967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/454967.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=631788581,2536209491&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12827.url.tudown.com/uploads/images/217001.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/217001.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/217001.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2848030995,2705341177&fm=224&app=112&f=JPEG?w=400&h=400
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 51b59ae47924136e115651c4d3b53249
ce839c0a095123e079f457064a1e627fff05b00d
b913df78900de7e70c6e0eb217d0e64fa5cf333e3fb80a796215f085fdd96d78
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12827.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Mon, 23 Jan 2023 09:11:01 GMT
Etag: c95f3b48647273ce39f37c27bf0af525
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1B367FAF19DC975A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12827.url.tudown.com/uploads/images/34421.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/34421.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/34421.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4004657526,4114133395&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/471502.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/471502.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/471502.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1513131928,999125487&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500
12827.url.tudown.com/uploads/images/441415.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/441415.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/441415.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=516534638,1839233677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=547
12827.url.tudown.com/uploads/images/586540.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/586540.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/586540.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3304647643,407544210&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
12827.url.tudown.com/uploads/images/369698.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/369698.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/369698.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281
12827.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674465060094
154.218.151.71 200 OK 8.7 kB URL HTTP/1.1 12827.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674465060094
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 56ab3c2bc6d64cb69dfca385e5bcb1af
4a730f4c617a83e2a43c09fa4d56e44497a6e79a
adc1cbe891250cdc427cb2a336d8f5c1d203cbc5926fda5bbf87fbcf3d62308f
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674465060094 HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12827.url.tudown.com/uploads/images/885205.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/885205.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/885205.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252
12827.url.tudown.com/uploads/images/51796.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/51796.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/51796.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3571336182,1876404325&fm=253&fmt=auto?w=1280&h=800
12827.url.tudown.com/uploads/images/176368.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/176368.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/176368.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
12827.url.tudown.com/uploads/images/928087.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/928087.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/928087.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1068499793,912734529&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=3304647643,407544210&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
118.112.225.35 200 OK 3.6 kB URL HTTP/2 img2.baidu.com/it/u=3304647643,407544210&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9aa0bae10856e916eb8ad266b94ab062
110f664c2004dfb8aa600cca5f79ff96e8e469ac
a1be53c3da15c54421d46e1a2010703c4163fd6205e39e96f18a5f53ab484b99
GET /it/u=3304647643,407544210&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 3616
expires: Mon, 20 Feb 2023 12:43:28 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 9aa0bae10856e916eb8ad266b94ab062
age: 63651
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 12:43:28 GMT
ohc-cache-hit: cd6ct72 [4], bdix239 [2]
ohc-file-size: 3616
x-cache-status: HIT
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
182.61.201.93 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 Jan 2023 09:11:02 GMT
12827.url.tudown.com/uploads/images/536047.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/536047.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/536047.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=968576647,2676609859&fm=224&app=112&f=JPEG?w=500&h=500
s.360.cn/so/zz.gif?url=http%3A%2F%2F12827.url.tudown.com%2Fdown%2F%25E4%25B8%2589%25E5%259B%25BD%25E5%25BF%259711%25E5%25A8%2581%25E5%258A%259B%25E5%258A%25A0%25E5%25BC%25BA%25E7%2589%2588van%25E5%2585%25A8%25E5%258A%259F%25E8%2583%25BD%25E4%25BF%25AE%25E6%2594%25B9%25E5%2599%25A8%2520%40381_51771.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b137f721855_2158f32@d0b2
171.8.167.90 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12827.url.tudown.com%2Fdown%2F%25E4%25B8%2589%25E5%259B%25BD%25E5%25BF%259711%25E5%25A8%2581%25E5%258A%259B%25E5%258A%25A0%25E5%25BC%25BA%25E7%2589%2588van%25E5%2585%25A8%25E5%258A%259F%25E8%2583%25BD%25E4%25BF%25AE%25E6%2594%25B9%25E5%2599%25A8%2520%40381_51771.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b137f721855_2158f32@d0b2
IP 171.8.167.90:0
ASN #137687 Luoyang, Henan Province, P.R.China.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12827.url.tudown.com%2Fdown%2F%25E4%25B8%2589%25E5%259B%25BD%25E5%25BF%259711%25E5%25A8%2581%25E5%258A%259B%25E5%258A%25A0%25E5%25BC%25BA%25E7%2589%2588van%25E5%2585%25A8%25E5%258A%259F%25E8%2583%25BD%25E4%25BF%25AE%25E6%2594%25B9%25E5%2599%25A8%2520%40381_51771.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b137f721855_2158f32@d0b2 HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Mon, 29 Oct 2018 06:07:38 GMT
Connection: keep-alive
ETag: "5bd6a3aa-0"
Accept-Ranges: bytes
12827.url.tudown.com/uploads/images/124497.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/124497.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/124497.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
12827.url.tudown.com/api.php?op=digg&action=show&id=23038
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12827.url.tudown.com/api.php?op=digg&action=show&id=23038
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=260398234&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45811&r=0&ww=1280&u=http%3A%2F%2F12827.url.tudown.com%2Fdown%2F%25E4%25B8%2589%25E5%259B%25BD%25E5%25BF%259711%25E5%25A8%2581%25E5%258A%259B%25E5%258A%25A0%25E5%25BC%25BA%25E7%2589%2588van%25E5%2585%25A8%25E5%258A%259F%25E8%2583%25BD%25E4%25BF%25AE%25E6%2594%25B9%25E5%2599%25A8%2520%40381_51771.exe&tt=%E4%BA%9A%E5%8D%9Ayabo888vip%E6%89%8B%E6%9C%BA%E7%BD%91%E9%A1%B5%E7%89%88(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=260398234&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45811&r=0&ww=1280&u=http%3A%2F%2F12827.url.tudown.com%2Fdown%2F%25E4%25B8%2589%25E5%259B%25BD%25E5%25BF%259711%25E5%25A8%2581%25E5%258A%259B%25E5%258A%25A0%25E5%25BC%25BA%25E7%2589%2588van%25E5%2585%25A8%25E5%258A%259F%25E8%2583%25BD%25E4%25BF%25AE%25E6%2594%25B9%25E5%2599%25A8%2520%40381_51771.exe&tt=%E4%BA%9A%E5%8D%9Ayabo888vip%E6%89%8B%E6%9C%BA%E7%BD%91%E9%A1%B5%E7%89%88(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=260398234&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45811&r=0&ww=1280&u=http%3A%2F%2F12827.url.tudown.com%2Fdown%2F%25E4%25B8%2589%25E5%259B%25BD%25E5%25BF%259711%25E5%25A8%2581%25E5%258A%259B%25E5%258A%25A0%25E5%25BC%25BA%25E7%2589%2588van%25E5%2585%25A8%25E5%258A%259F%25E8%2583%25BD%25E4%25BF%25AE%25E6%2594%25B9%25E5%2599%25A8%2520%40381_51771.exe&tt=%E4%BA%9A%E5%8D%9Ayabo888vip%E6%89%8B%E6%9C%BA%E7%BD%91%E9%A1%B5%E7%89%88(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12827.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:11:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=192A1D32BC64A4C5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12827.url.tudown.com/uploads/images/436554.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/436554.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/436554.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=967216544,382953899&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1626765478,2369180963&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.112.225.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=1626765478,2369180963&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbd45a3a65b01228c753a27db82b0a3f
73986fcf3c53ee80c835b7a4b3ec4e2223b44dbd
170afa01ae4969cd3f0b0742a937d10742c2f552b696b0dcc314a5aed431471e
GET /it/u=1626765478,2369180963&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 30302
expires: Tue, 31 Jan 2023 00:42:00 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: fbd45a3a65b01228c753a27db82b0a3f
age: 6738
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 00:42:00 GMT
ohc-cache-hit: cd6ct64 [4], xiangyix133 [4]
ohc-file-size: 30302
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2622658694,1939230454&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
118.112.225.35 200 OK 2.1 kB URL HTTP/2 img2.baidu.com/it/u=2622658694,1939230454&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 24ac8de18a46227a7d6de348d3c4eae7
3255c60c777e25b90c744d8b51c06f0084dc546c
2bf2297af47258c88e33aba0f21b9e0e2098c0ec587edbc1099f21b36deed6f8
GET /it/u=2622658694,1939230454&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 2114
expires: Thu, 09 Feb 2023 03:07:05 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 24ac8de18a46227a7d6de348d3c4eae7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 03:07:05 GMT
ohc-cache-hit: cd6ct50 [1], csix50 [4]
ohc-file-size: 2114
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347
118.112.225.35 200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x347, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a0eed35d242fa1cd5451d4ab160723cf
e0456789dc565478f40a385fd3b753534681824a
6f74f11b5ca2f3f0a205e2fd5d6ba1aa8cd04f644e29bd32edb285407df010d8
GET /it/u=3379831772,3117866736&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=347 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 25594
expires: Fri, 03 Feb 2023 12:52:04 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a0eed35d242fa1cd5451d4ab160723cf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 12:52:04 GMT
ohc-cache-hit: cd6ct81 [1], csix81 [4]
ohc-file-size: 25594
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/883846.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/883846.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/883846.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1755023209,634628204&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=431
12827.url.tudown.com/uploads/images/773274.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/773274.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/773274.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800
12827.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71 200 OK 8.7 kB URL HTTP/1.1 12827.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 51ebc833dc81ab524196aa1b0b31cd87
a141de9c2786a689af6e65a3704aac1a6d5a244e
3b3252d7f405d9d1f149c772c2acab56150567c5d8709c1036d245747e0e96ee
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img0.baidu.com/it/u=3514492225,2442909263&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
125.74.40.35 200 OK 42 kB URL HTTP/2 img0.baidu.com/it/u=3514492225,2442909263&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99a03d8000dd508c1ec9b44766466b8a
24aea1658e1ef304a5088501ff76ed79cb976e64
dab458f43575b0f675c8046470aaed2a954809232247a1def45f0253900837e7
GET /it/u=3514492225,2442909263&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 42026
expires: Thu, 02 Feb 2023 03:59:38 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 99a03d8000dd508c1ec9b44766466b8a
age: 92719
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:59:38 GMT
ohc-cache-hit: plct56 [4], csix87 [4]
ohc-file-size: 42026
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=631788581,2536209491&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
125.74.40.35 200 OK 13 kB URL HTTP/2 img0.baidu.com/it/u=631788581,2536209491&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ac01051137130291ef75fa8afd482c3
63e0ffc1027e95a236eb2c7c6a7e2a8478e55774
71095cf048f5cc43634fe1881b88df989f94e3530505fe06f1294d2f6c8fe44d
GET /it/u=631788581,2536209491&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 13246
expires: Thu, 02 Feb 2023 03:36:31 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6ac01051137130291ef75fa8afd482c3
age: 712557
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:36:31 GMT
ohc-cache-hit: plct60 [4], xiangyix138 [2]
ohc-file-size: 13246
x-cache-status: HIT
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/43427.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/43427.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/43427.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
118.112.225.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x540, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5a89c839fa21ba4bbababa34511342f
2de60273a26da90ddbf60410b47f1f42c3709653
52314c6231e808930866c0b1984f1c12ee60667be2a89b8671d0847bac64aba7
GET /it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 29808
expires: Tue, 21 Feb 2023 05:31:12 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a5a89c839fa21ba4bbababa34511342f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:31:12 GMT
ohc-cache-hit: cd6ct77 [1], suzix162 [4]
ohc-file-size: 29808
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/logo.png?n=5gnylznorhs3raxhxk4ojoe24weln2maudsy5aq&w=250
154.218.151.71 200 OK 3.8 kB URL HTTP/1.1 12827.url.tudown.com/uploads/images/logo.png?n=5gnylznorhs3raxhxk4ojoe24weln2maudsy5aq&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 3a92dbdb9d200fa6869dd001a950e149
656f3276882422ae6603b3aa6e861def8aa2b814
997149933a442d093ef1e6558c0a211bffe7e64d8425d99f4e85840e259ee78d
GET /uploads/images/logo.png?n=5gnylznorhs3raxhxk4ojoe24weln2maudsy5aq&w=250 HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12827.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12827.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 54c5d3f92cadc148a4fa482d97610412
be1bb5cc0ed8ffe227e6d8d2fe3e55463760d719
c1a68e9d111c16e32e6907115e519a758d2fa48d2108eda1528b0e0fc9e3e397
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img2.baidu.com/it/u=3750759632,2867585220&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.112.225.35 200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=3750759632,2867585220&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3894f0e67f04cd095888d03e4e6c648
7f2b0adb36069af868f0ea4703548882f075d9c5
3048c9b7d22b8acb15c8e23a62f3ed2d53ede231abb4af3a16b34fbf34f9de6d
GET /it/u=3750759632,2867585220&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 20472
expires: Sun, 29 Jan 2023 01:36:28 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d3894f0e67f04cd095888d03e4e6c648
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 01:36:28 GMT
ohc-cache-hit: cd6ct53 [1], xiangyix244 [2]
ohc-file-size: 20472
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281
118.112.225.35 200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb0f9d4f16a280d3492d2bc5d1dacf65
74bba69d2e0a57820c58bcac18c3e81d457b1d41
cd6c8963679910c29f430a5e56ee3c65a515cd9f9058df642ff761f3b03d54eb
GET /it/u=2462339075,2653363806&fm=253&fmt=auto&app=138&f=JPG?w=500&h=281 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 13432
expires: Tue, 21 Feb 2023 03:07:12 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: cb0f9d4f16a280d3492d2bc5d1dacf65
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:07:12 GMT
ohc-cache-hit: cd6ct75 [1], bdix154 [4]
ohc-file-size: 13432
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=530036558,72801814&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 42 kB URL HTTP/1.1 t14.baidu.com/it/u=530036558,72801814&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 54c102cf62d6817cd341902d4f305bb9
c05878a3f0c0cbe9c2777ea0da6fae7b0ab63f13
3d1761758a98d8ecb3fb8cf10847281788d952ea043c6f41e1123a81fc0e9fc1
GET /it/u=530036558,72801814&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 41774
Connection: keep-alive
Expires: Sat, 04 Feb 2023 00:21:36 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 54c102cf62d6817cd341902d4f305bb9
Age: 1577629
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 00:21:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache60 [1], csix60 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41774
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 74 kB URL HTTP/1.1 t13.baidu.com/it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c40b5534cf55760c09bcc411a043fa70
4eb467c1527cbb739d4c696e539c10c085f1574b
05ad18e3801a1055257afa77b97f51bd3eb2436688c561a5539e4715b8a4ce97
GET /it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 74313
Connection: keep-alive
Expires: Tue, 21 Feb 2023 03:36:08 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c40b5534cf55760c09bcc411a043fa70
Age: 25960
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 03:36:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache56 [1], csix67 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 74313
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 45 kB URL HTTP/1.1 t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 859cbd8ef4d88527a1b937b26b1320ac
07e4e890a3264ca17866ab037bc8db5074a0d1d1
f1b3c9ce9d36f0adf1521fa28890f85298be1220028a8e0234b10b53a54f3d86
GET /it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 44708
Connection: keep-alive
Expires: Sun, 05 Feb 2023 15:48:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 859cbd8ef4d88527a1b937b26b1320ac
Age: 975138
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 15:48:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache51 [4], wzix76 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44708
X-Cache-Status: HIT
Timing-Allow-Origin: *
12827.url.tudown.com/uploads/images/347442.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/347442.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/347442.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
12827.url.tudown.com/uploads/images/923242.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/923242.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/923242.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1929920555,770757866&fm=253&fmt=auto?w=500&h=889
img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
125.74.40.35 200 OK 36 kB URL HTTP/1.1 img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 5e410e8a12936270f83cdb9d1eee7277
4d90b828b8cfbbc6fa07aba7355f71410017ab7c
fbd28eae165ef8338c9d5d369e99aa2618bd559da8364c1ae05a3d685120a3bf
GET /it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 35956
Connection: keep-alive
Expires: Mon, 20 Feb 2023 01:28:32 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 5e410e8a12936270f83cdb9d1eee7277
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 01:28:32 GMT
Ohc-Cache-HIT: plct54 [1], xiangyix145 [4]
Ohc-File-Size: 35956
X-Cache-Status: MISS
12827.url.tudown.com/uploads/images/765917.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/765917.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/765917.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800
img1.baidu.com/it/u=1834317089,2799984320&fm=253&fmt=auto&app=138&f=JPG?w=333&h=500
118.112.225.35 200 OK 25 kB URL HTTP/2 img1.baidu.com/it/u=1834317089,2799984320&fm=253&fmt=auto&app=138&f=JPG?w=333&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 333x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b76334955460a45e5278a908b3428f02
756fabb9a98911d7c9f2ff9b07fa95405b341b70
8fc5fc1ca4c148d049db708329f24d2eb611f79aacb451da0d4094ee8a03bb90
GET /it/u=1834317089,2799984320&fm=253&fmt=auto&app=138&f=JPG?w=333&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 24842
expires: Sat, 28 Jan 2023 16:13:16 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b76334955460a45e5278a908b3428f02
age: 192244
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 29 Dec 2022 16:13:16 GMT
ohc-cache-hit: cd6ct79 [4], bdix87 [4]
ohc-file-size: 24842
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3159253724,3730094948&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
118.112.225.35 200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=3159253724,3730094948&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 543f951872a82c27df7ed67d6efcfb29
55e20637c62d760b85e712ecab99c9dc8d1f3766
ab378834a0d6882a33aab3de1c714d4e42f745c64aa14b646d6b0f571b2bfd34
GET /it/u=3159253724,3730094948&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 18898
expires: Tue, 21 Feb 2023 07:25:34 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 543f951872a82c27df7ed67d6efcfb29
age: 24452
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 07:25:34 GMT
ohc-cache-hit: cd6ct70 [4], bdix70 [4]
ohc-file-size: 18898
x-cache-status: HIT
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/807078.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/807078.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/807078.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=964459152,3397544594&fm=253&fmt=auto?w=120&h=80
img1.baidu.com/it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.112.225.35 200 OK 12 kB URL HTTP/2 img1.baidu.com/it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b6ca909235771190fb9cc22fa396b93
bdf2342e1b1d81d1f29ea3355599976ac21c767b
70b30cbc47ad45de2dc69ce73e310760c8470baa9f22b599915f6b37790b61dd
GET /it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 12312
expires: Tue, 21 Feb 2023 13:44:38 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 4b6ca909235771190fb9cc22fa396b93
age: 23359
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 13:44:38 GMT
ohc-cache-hit: cd6ct64 [4], xaix92 [2]
ohc-file-size: 12312
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252
118.112.225.35 200 OK 9.0 kB URL HTTP/2 img1.baidu.com/it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 448x252, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 98622efc5caafe14c10066f22979c836
d8b43a474c6bdec60360274578b9bf1f7a082d1b
9604f7f8194f5f0abeac08fa2fd89686990e5dab1db0560c13fbb362c3e1e465
GET /it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 9006
expires: Mon, 06 Feb 2023 14:04:35 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 98622efc5caafe14c10066f22979c836
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 14:04:35 GMT
ohc-cache-hit: cd6ct53 [1], xaix221 [4]
ohc-file-size: 9006
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1487829232,3841643433&fm=253&app=120&f=JPEG?w=1280&h=800
124.239.243.35 200 OK 201 kB URL HTTP/1.1 img1.baidu.com/it/u=1487829232,3841643433&fm=253&app=120&f=JPEG?w=1280&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 201 kB (200555 bytes)
Hash 4ba510bfd1c1c1a6d1c87948a784b8e9
17afb77e3e4046a4808cb0d072e05d8a29c8b997
d873d7adf32740c6987b165f477133ecd68697404cdc8cf26bfff35052929ca8
GET /it/u=1487829232,3841643433&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 200555
Connection: keep-alive
Expires: Tue, 31 Jan 2023 11:27:38 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 4ba510bfd1c1c1a6d1c87948a784b8e9
Age: 1409593
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 11:27:38 GMT
Ohc-Cache-HIT: lf7ct63 [4], qdix63 [4]
Ohc-File-Size: 200555
X-Cache-Status: HIT
12827.url.tudown.com/uploads/images/114567.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/114567.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/114567.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3269607678,1171687622&fm=253&app=120&f=JPEG?w=480&h=720
t13.baidu.com/it/u=968576647,2676609859&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 34 kB URL HTTP/1.1 t13.baidu.com/it/u=968576647,2676609859&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 19a309b4de1d74d1c73432cbabc19597
a9af83971febae5764d16a2cd7b8edfcf40ebfdd
e5d043e4c843fc881bff85a5f6af38491d44778be477b612c4b81fbe498e05c8
GET /it/u=968576647,2676609859&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 33732
Connection: keep-alive
Expires: Sat, 04 Feb 2023 22:26:04 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 19a309b4de1d74d1c73432cbabc19597
Age: 993137
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 22:26:03 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache56 [1], bdix214 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33732
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash da474e3d0fb4c1e0c07cf9aa787e9cf3
dd9c594693ab7c1d52d9ef08422ba2054178d52b
c017dcd7e1cb77c9bc782208973da607ad5841528d4c0d7e913f46b7c8790eab
GET /it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 46737
Connection: keep-alive
Expires: Wed, 01 Feb 2023 07:20:26 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: da474e3d0fb4c1e0c07cf9aa787e9cf3
Age: 993864
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 07:20:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache51 [1], xiangyix87 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46737
X-Cache-Status: HIT
Timing-Allow-Origin: *
12827.url.tudown.com/uploads/images/183159.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/183159.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/183159.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3102358607,2144390247&fm=253&app=120&f=JPEG?w=1280&h=800
t15.baidu.com/it/u=2848030995,2705341177&fm=224&app=112&f=JPEG?w=400&h=400
185.10.104.124 200 OK 22 kB URL HTTP/1.1 t15.baidu.com/it/u=2848030995,2705341177&fm=224&app=112&f=JPEG?w=400&h=400
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 070420ab5a3cca8c0b48b6cfd8048ce7
1c5e4ff42f5b211d1c1ae64ec8df6f4a757330dd
11f0e7720124e845c4607361bc27f895c63ccc94e987adb655f9df458e8bc401
GET /it/u=2848030995,2705341177&fm=224&app=112&f=JPEG?w=400&h=400 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 21611
Connection: keep-alive
Expires: Mon, 20 Feb 2023 03:24:42 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 070420ab5a3cca8c0b48b6cfd8048ce7
Age: 193581
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 03:24:42 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache56 [4], bdix200 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 21611
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1068499793,912734529&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 34 kB URL HTTP/1.1 t15.baidu.com/it/u=1068499793,912734529&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 87a62f2719423419437c0e14d00859d9
ef1947a6378bf1caf043738f66fab5eceb0c7283
6462da0316bdbcd3d829307f475ad0be23de79018f67b570b07ae3cfc847d2f3
GET /it/u=1068499793,912734529&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 34442
Connection: keep-alive
Expires: Tue, 31 Jan 2023 04:02:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 87a62f2719423419437c0e14d00859d9
Age: 1062454
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 04:02:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache64 [1], qdix64 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34442
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800
124.239.243.35 200 OK 129 kB URL HTTP/1.1 img1.baidu.com/it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 129 kB (129114 bytes)
Hash 03a1264990ef2dd328d9b0675e526dbb
e42fda0e9609801a6e29db6b4f6f1a1f6fa7acf7
3907aefb9948aee33b09f3cec9952002a305a5e180418a8bd44bf2e99dda857c
GET /it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:02 GMT
Content-Type: image/jpeg
Content-Length: 129114
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:41:13 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 03a1264990ef2dd328d9b0675e526dbb
Age: 23089
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:41:13 GMT
Ohc-Cache-HIT: lf7ct63 [4], czix131 [2]
Ohc-File-Size: 129114
X-Cache-Status: HIT
img1.baidu.com/it/u=1513131928,999125487&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500
118.112.225.35 200 OK 89 kB URL HTTP/2 img1.baidu.com/it/u=1513131928,999125487&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 802x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 20a4241a3eee8804fc0847efe7b730b3
d81cc342b459faccba772816c7190cd6bbbac170
e5172197cde14c30af5fc253723b5750d305b75f578478aca2b9ea8b32b77ad9
GET /it/u=1513131928,999125487&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 88628
expires: Wed, 22 Feb 2023 01:22:32 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 20a4241a3eee8804fc0847efe7b730b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:22:32 GMT
ohc-cache-hit: cd6ct74 [2], czix214 [4]
ohc-file-size: 88628
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4221483770,3346717559&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=112
118.112.225.35 200 OK 2.5 kB URL HTTP/2 img1.baidu.com/it/u=4221483770,3346717559&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=112
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 78x112, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9dcac7661b41016ebb155a77648abecb
2474406607889a44104ce347949e4a997f00e5c3
fad0b2096e2ce3b795cf16a1d92460f4064d0ee45ec19a92987a29e5c4f51ef2
GET /it/u=4221483770,3346717559&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=112 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 2546
expires: Tue, 31 Jan 2023 10:03:45 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 9dcac7661b41016ebb155a77648abecb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 10:03:45 GMT
ohc-cache-hit: cd6ct64 [1], qdix155 [4]
ohc-file-size: 2546
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 56 kB URL HTTP/1.1 t15.baidu.com/it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4cfc852e7e819a1fd342997155aa29e6
ab688a3eb2791d13a5b5c2203d5851ffdb48f504
1efbdbe2905433719c7e528e210370e29dfb19bdc18d9b3c780644c8452e833b
GET /it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 55628
Connection: keep-alive
Expires: Thu, 09 Feb 2023 07:38:21 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 4cfc852e7e819a1fd342997155aa29e6
Age: 992103
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 07:38:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache53 [1], xaix176 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 55628
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421
125.74.40.35 200 OK 143 kB URL HTTP/2 img0.baidu.com/it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1421, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 143 kB (142602 bytes)
Hash 5c790f35ee23fb4b63785b9524940daf
8b7a0483247bb938892c8007d08fa316163c297a
24b8649e793348f8a842dc2c6899a4739eae9e0d3729ed92c9372c8683ef2463
GET /it/u=2583808746,2447690990&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1421 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 142602
expires: Tue, 14 Feb 2023 14:05:26 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 5c790f35ee23fb4b63785b9524940daf
age: 369938
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 14:05:26 GMT
ohc-cache-hit: plct73 [3], bdix109 [4]
ohc-file-size: 142602
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4004657526,4114133395&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.74.40.35 200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=4004657526,4114133395&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 41c79e349f25348e736a678650440ac2
7c2a7a3c9174913fa14f71e4147cf1b840726049
30806db72fc0e984c3b5778d5a049d2ff23ac23f5b4d921c592165b767f1927b
GET /it/u=4004657526,4114133395&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 18936
expires: Tue, 21 Feb 2023 06:45:54 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 41c79e349f25348e736a678650440ac2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 06:45:54 GMT
ohc-cache-hit: plct54 [1], xaix122 [4]
ohc-file-size: 18936
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419
125.74.40.35 200 OK 25 kB URL HTTP/2 img0.baidu.com/it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 630x419, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec8df1494eabd4fff93fcf9f7622dc00
8342996cd6752613746eb7a70352fe3bae0da145
bf5ceb849d2c6f8299cab1754dcb5e1c1bf1e2111e103a1315efdc4ce6d44ff5
GET /it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 25318
expires: Sun, 05 Feb 2023 01:44:04 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: ec8df1494eabd4fff93fcf9f7622dc00
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 01:44:04 GMT
ohc-cache-hit: plct73 [1], bdix234 [2]
ohc-file-size: 25318
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=516534638,1839233677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=547
125.74.40.35 200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=516534638,1839233677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=547
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x547, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c03fbd610147179362c4d763806ad130
cd2e9a46defda40dac4e105835f591a89de98bf0
2155ae407472a9f811451135485ee3e5c3b52edf10163ba836d65b61e8847b36
GET /it/u=516534638,1839233677&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=547 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 28366
expires: Wed, 22 Feb 2023 04:16:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c03fbd610147179362c4d763806ad130
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 04:16:23 GMT
ohc-cache-hit: plct70 [2], bdix120 [2]
ohc-file-size: 28366
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/776995.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/776995.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/776995.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2903602274,419461916&fm=224&app=112&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/113685.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/113685.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/113685.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=601395494,1636480299&fm=253&app=138&f=JPEG?w=800&h=500
12827.url.tudown.com/uploads/images/955153.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/955153.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/955153.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1322360624,3471749527&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675
t15.baidu.com/it/u=2903602274,419461916&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 25 kB URL HTTP/1.1 t15.baidu.com/it/u=2903602274,419461916&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 556423aaa960200beaeab2f22f7252a5
9a06f48c2e7cbfa74c153cd489b58c549e59b316
7a43ab8cf2156766ebdfd36ceb1abe4dccd613d38b4266dd01efb679f42fee55
GET /it/u=2903602274,419461916&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 24630
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:37:02 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 556423aaa960200beaeab2f22f7252a5
Age: 993803
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:37:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache60 [4], bdix85 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24630
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3571336182,1876404325&fm=253&fmt=auto?w=1280&h=800
118.112.225.35 200 OK 78 kB URL HTTP/2 img1.baidu.com/it/u=3571336182,1876404325&fm=253&fmt=auto?w=1280&h=800
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f9e229294be0d2d30633e1bd486d0e69
86e6572c3003c6a21729be761919aff55bffec45
b7824146428a94d4d9871c1781e887f8e219e10bf1e890a37d5c6db89ead3e21
GET /it/u=3571336182,1876404325&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 78390
expires: Tue, 31 Jan 2023 04:02:51 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: f9e229294be0d2d30633e1bd486d0e69
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 04:02:51 GMT
ohc-cache-hit: cd6ct71 [1], xiangyix76 [4]
ohc-file-size: 78390
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2878296536,4083295682&fm=253&fmt=auto&app=138&f=PNG?w=500&h=616
125.74.40.35 200 OK 83 kB URL HTTP/2 img0.baidu.com/it/u=2878296536,4083295682&fm=253&fmt=auto&app=138&f=PNG?w=500&h=616
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x616, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2b09db45f398936e3309887bc078db2
2623d754d0721d1acea5422fe8945acbee69b9f2
5a5a667fd2f5f2171305ec60640cecd9a02644118b2bdfc5210e903549b5ea87
GET /it/u=2878296536,4083295682&fm=253&fmt=auto&app=138&f=PNG?w=500&h=616 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 83060
expires: Tue, 24 Jan 2023 02:33:30 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: f2b09db45f398936e3309887bc078db2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 02:33:30 GMT
ohc-cache-hit: plct69 [1], suzix156 [4]
ohc-file-size: 83060
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
118.112.225.35 200 OK 10 kB URL HTTP/2 img1.baidu.com/it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3b1cc5368673b2598ca04fcfa94922b
74c04d2ba2e07084b69b1a28a071972cc2b8e7d7
79349cfd0c35914fa875cf87b02e7d7b0614564731290544426562ec378b34a5
GET /it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 10442
expires: Tue, 14 Feb 2023 00:15:14 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: d3b1cc5368673b2598ca04fcfa94922b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 00:15:14 GMT
ohc-cache-hit: cd6ct62 [1], xaix190 [4]
ohc-file-size: 10442
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3872209673,3493442305&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=458
125.74.40.35 200 OK 56 kB URL HTTP/2 img0.baidu.com/it/u=3872209673,3493442305&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=458
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x458, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d7a33ef4725f4a72e6e8547af2b3cfe
22cbb03bfc58744b0ebe2a997c52e42c52a61cbc
139ad2e5d7d5244fdd96158b9d10e7f7844867b9e04e96b374fbce88acf065be
GET /it/u=3872209673,3493442305&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=458 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 56396
expires: Wed, 22 Feb 2023 03:14:50 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 5d7a33ef4725f4a72e6e8547af2b3cfe
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:14:50 GMT
ohc-cache-hit: plct67 [1], wzix108 [4]
ohc-file-size: 56396
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2631573473,666173050&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=463
125.74.40.35 200 OK 34 kB URL HTTP/2 img0.baidu.com/it/u=2631573473,666173050&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=463
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x463, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3d2f59c7d33cc657dac3b85c91d82adb
958fa44884c31bd4627c3c594069b730a331cdd0
e65b09a8da518a57a65bf8fa02b594774539395504017a51501cbce4a1062201
GET /it/u=2631573473,666173050&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=463 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 33916
expires: Wed, 25 Jan 2023 07:34:12 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 3d2f59c7d33cc657dac3b85c91d82adb
age: 227093
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 07:34:12 GMT
ohc-cache-hit: plct70 [4], wzix110 [2]
ohc-file-size: 33916
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334
125.74.40.35 200 OK 7.3 kB URL HTTP/2 img0.baidu.com/it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eca72b448243a5dd07e7c7ee97de7279
0d143211780412460239e7de577389b929e3631b
70e458e05c245b40e0ae3e29c14661e7f97e0f0080aad89b7ab480ce52889f79
GET /it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 7302
expires: Sun, 19 Feb 2023 03:51:15 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: eca72b448243a5dd07e7c7ee97de7279
age: 234013
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 03:51:15 GMT
ohc-cache-hit: plct55 [4], xiangyix92 [2]
ohc-file-size: 7302
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
125.74.40.35 200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9d8c6fb5a082d775d7e4c975234b65d
dc47db73982c40722c19646eed41c9781eb4e6bb
8d0ffa7b0722e7e5d559968c53b28e01e39176bec5f453675c090a2b9b45559a
GET /it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 22788
expires: Mon, 20 Feb 2023 04:22:12 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: d9d8c6fb5a082d775d7e4c975234b65d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:22:12 GMT
ohc-cache-hit: plct56 [1], xiangyix245 [4]
ohc-file-size: 22788
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/341467.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/341467.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/341467.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
img2.baidu.com/it/u=1755023209,634628204&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=431
118.112.225.35 200 OK 50 kB URL HTTP/2 img2.baidu.com/it/u=1755023209,634628204&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=431
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x431, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18322e7121e7e3127b2706611662c67f
7e81c36a74b17f90c1cf6efbe0d832f9eedda953
8b65ce0b5a8776390f1c25bafa1eec8e7a6feb1876b58045bcd4280c68857499
GET /it/u=1755023209,634628204&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=431 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 50512
expires: Fri, 27 Jan 2023 05:34:17 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 18322e7121e7e3127b2706611662c67f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 05:34:17 GMT
ohc-cache-hit: cd6ct54 [1], czix98 [4]
ohc-file-size: 50512
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/316856.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/316856.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/316856.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500
img1.baidu.com/it/u=3102358607,2144390247&fm=253&app=120&f=JPEG?w=1280&h=800
124.239.243.35 200 OK 138 kB URL HTTP/1.1 img1.baidu.com/it/u=3102358607,2144390247&fm=253&app=120&f=JPEG?w=1280&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 138 kB (138311 bytes)
Hash 0f1f89991dd22f3a77b89e18f4f7ef99
27718ea510df23eed664e74b55420b7ea8d0628c
adbb575d940242db103885c4a5ab30aa391d98743da2966445930fa703064f07
GET /it/u=3102358607,2144390247&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 138311
Connection: keep-alive
Expires: Sat, 11 Feb 2023 04:33:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 0f1f89991dd22f3a77b89e18f4f7ef99
Age: 965108
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 04:33:38 GMT
Ohc-Cache-HIT: lf7ct80 [4], czix80 [4]
Ohc-File-Size: 138311
X-Cache-Status: HIT
img2.baidu.com/it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800
118.112.225.35 200 OK 50 kB URL HTTP/2 img2.baidu.com/it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d923a9f0d1fa83d845b7aa89e6aa5a6
5e72b1699f86948e30be5aad8627d0a3c15db420
90f384cea3b9b6f204ae18354dc391bedc2f3a735dd55e688e29b4623f71c431
GET /it/u=1893088694,1514510018&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:02 GMT
content-type: image/webp
content-length: 49488
expires: Thu, 26 Jan 2023 13:16:23 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9d923a9f0d1fa83d845b7aa89e6aa5a6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 13:16:23 GMT
ohc-cache-hit: cd6ct70 [1], wzix70 [4]
ohc-file-size: 49488
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438
118.112.225.35 200 OK 31 kB URL HTTP/2 img2.baidu.com/it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 658x438, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 211d0ab373cadbbac8ce9a843f9fbf17
b449471b30807ecfeaf6899bfc6a2ea9c1abd9ba
8a90c8cbd6bc618763e3f70ce2786528833702880f456c2b02a7f21d6083fcd9
GET /it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 31426
expires: Sat, 18 Feb 2023 01:45:10 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 211d0ab373cadbbac8ce9a843f9fbf17
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 01:45:09 GMT
ohc-cache-hit: cd6ct71 [1], czix143 [2]
ohc-file-size: 31426
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/942151.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/942151.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942151.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3820281092,3470855512&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
img0.baidu.com/it/u=4178548648,1947150244&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500
125.74.40.35 200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=4178548648,1947150244&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 563x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d187c5f2eabacde4a2aea20335a2f6f
cece24b66edfff57b655495d218a501557f868bc
3812878942caba52bb9eb72bfa9150c68699b790cd104de7fd49e0e191e18d4b
GET /it/u=4178548648,1947150244&fm=253&fmt=auto&app=138&f=JPEG?w=563&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 36022
expires: Sun, 19 Feb 2023 14:05:30 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1d187c5f2eabacde4a2aea20335a2f6f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 14:05:30 GMT
ohc-cache-hit: plct54 [1], suzix54 [4]
ohc-file-size: 36022
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1929920555,770757866&fm=253&fmt=auto?w=500&h=889
118.112.225.35 200 OK 44 kB URL HTTP/2 img1.baidu.com/it/u=1929920555,770757866&fm=253&fmt=auto?w=500&h=889
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7836927c41984eb36ef196f15cf7ce5b
dcd49e9a700797908233f5aba75c21d0a9352a06
42ac3c66bd47e2c32f2df826739c9a80a823cfd8c04aa13d0ad9d0d2a83b08de
GET /it/u=1929920555,770757866&fm=253&fmt=auto?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 44026
expires: Fri, 17 Feb 2023 07:24:02 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7836927c41984eb36ef196f15cf7ce5b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 07:24:02 GMT
ohc-cache-hit: cd6ct58 [1], qdix204 [2]
ohc-file-size: 44026
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=964459152,3397544594&fm=253&fmt=auto?w=120&h=80
118.112.225.35 200 OK 662 B URL HTTP/2 img2.baidu.com/it/u=964459152,3397544594&fm=253&fmt=auto?w=120&h=80
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a941ededeadcbc274581bf26285e4a31
21b15643ee733dcea3dbbb434c7883387665b1de
cc8a6db6efbecef725602a2c2b11f9a193b4a19a5df47ae75f45c39fb8004de2
GET /it/u=964459152,3397544594&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 662
expires: Sun, 19 Feb 2023 02:31:13 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a941ededeadcbc274581bf26285e4a31
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 02:31:13 GMT
ohc-cache-hit: cd6ct72 [1], suzix108 [4]
ohc-file-size: 662
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800
125.74.40.35 200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b52666591cee034f863ba7ed59b43542
755f282ac4db7dea79377d865a118331178bd12d
27367659852c088df0f3cf264f576f0ff384928467ac12ac1d0aa5d40a32b678
GET /it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 36426
expires: Wed, 25 Jan 2023 06:39:48 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b52666591cee034f863ba7ed59b43542
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 06:39:48 GMT
ohc-cache-hit: plct56 [1], wzix56 [2]
ohc-file-size: 36426
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=967216544,382953899&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 52 kB URL HTTP/1.1 t15.baidu.com/it/u=967216544,382953899&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 109defef975f2d25d68ff290806c2775
6ce7a250804ce5fa7abbd9d88ffdc601f8c9de86
403d753189f837cd3aa51e5206216db4dc9126e8e20a509cf377cce21eebfde7
GET /it/u=967216544,382953899&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 52392
Connection: keep-alive
Expires: Tue, 21 Feb 2023 16:10:11 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 109defef975f2d25d68ff290806c2775
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 16:10:11 GMT
Ohc-Upstream-Trace: 58.20.204.58
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache58 [1], wzix118 [4]
Ohc-Response-Time: 1 0 0 0 383 384
Ohc-File-Size: 52392
X-Cache-Status: MISS
Timing-Allow-Origin: *
12827.url.tudown.com/uploads/images/65222.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/65222.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/65222.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4242791908,3704389528&fm=253&fmt=auto?w=1422&h=800
12827.url.tudown.com/uploads/images/379919.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/379919.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/379919.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img0.baidu.com/it/u=601395494,1636480299&fm=253&app=138&f=JPEG?w=800&h=500
125.74.40.35 200 OK 37 kB URL HTTP/1.1 img0.baidu.com/it/u=601395494,1636480299&fm=253&app=138&f=JPEG?w=800&h=500
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash c715f289cddcf58afdece9ae301e6a68
da9c89e04686a596904eac6fd76473f973e18f45
717a6858a7d939240572e4eb7d9055db4f7dafc7a9865a387e2eadbdf42b1123
GET /it/u=601395494,1636480299&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 36906
Connection: keep-alive
Expires: Fri, 03 Feb 2023 17:43:12 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: c715f289cddcf58afdece9ae301e6a68
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 17:43:12 GMT
Ohc-Cache-HIT: plct54 [1], wzix105 [4]
Ohc-File-Size: 36906
X-Cache-Status: MISS
img1.baidu.com/it/u=1322360624,3471749527&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675
118.112.225.35 200 OK 59 kB URL HTTP/2 img1.baidu.com/it/u=1322360624,3471749527&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a733fed30255f0c7a039327bf8245aca
345c9e1d6764cf07d0a4a653708a5b5e40803058
152ebcda7ad25db7dcddbd28aa1ab870a1526107ec935834cd6acf61eda678f0
GET /it/u=1322360624,3471749527&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 59274
expires: Wed, 22 Feb 2023 00:38:39 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: a733fed30255f0c7a039327bf8245aca
age: 24454
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 00:38:39 GMT
ohc-cache-hit: cd6ct64 [4], wzix116 [2]
ohc-file-size: 59274
x-cache-status: HIT
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/472046.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/472046.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/472046.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3368043444,856222877&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=533
12827.url.tudown.com/uploads/images/22445.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/22445.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/22445.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500
12827.url.tudown.com/uploads/images/747555.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/747555.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/747555.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500
118.112.225.35 200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f6a7892a9cae0be3bd78058e053be5e
9b89010fe42c01e970038bcbda06275a778d971d
270c70ae05ee28f811c4c972282b28a85b6542d8af2a3769765731f539cb0bdd
GET /it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 16868
expires: Wed, 01 Feb 2023 02:17:46 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 3f6a7892a9cae0be3bd78058e053be5e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 02:17:46 GMT
ohc-cache-hit: cd6ct85 [1], csix85 [4]
ohc-file-size: 16868
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 949041453e48044378f621e12ca34981
e644439fce2fc73ebe589a39b9e337dc37de0cdb
6d00372096c1efbe577aba94b0b2afad5d1fa697d37046f61730229e48f79ec5
GET /it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 38544
Connection: keep-alive
Expires: Fri, 03 Feb 2023 04:50:33 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 949041453e48044378f621e12ca34981
Age: 993987
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 04:50:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache53 [1], wzix99 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38544
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
118.112.225.35 200 OK 53 kB URL HTTP/2 img1.baidu.com/it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08aa7435ba3c12ad58398ec3e2916b50
39d273eb2a1443ba2f02bd3f2b928745560a719b
663e8fcfa91d86fc68629e8f3606db3a2bc171081e77f2dc851b323226c71028
GET /it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 53388
expires: Wed, 22 Feb 2023 01:43:30 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 08aa7435ba3c12ad58398ec3e2916b50
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:43:30 GMT
ohc-cache-hit: cd6ct65 [1], suzix218 [4]
ohc-file-size: 53388
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 57 kB URL HTTP/1.1 t15.baidu.com/it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a7b8372bbd65c0501fe5222fbbb7a157
9900f6f2591adb48f8a6347bb56d5e2826bb0a20
e28758883cb1afee1a7cd87f54a8afda786be43a0748a576e77151305c933f8f
GET /it/u=3568268945,2034740167&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 56948
Connection: keep-alive
Expires: Tue, 14 Feb 2023 01:27:45 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: a7b8372bbd65c0501fe5222fbbb7a157
Age: 718998
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 01:27:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache56 [1], csix96 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56948
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3820281092,3470855512&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
125.74.40.35 200 OK 48 kB URL HTTP/2 img0.baidu.com/it/u=3820281092,3470855512&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34c7bbff3b1a6ea7ef5b26e1ff477365
0f536ac910329d489d1b1e66a3bf72883888b4fe
4a92f7465a9fb4f9ddeaafa7dbfbc358a93db99100cff653e097c288b018a3e2
GET /it/u=3820281092,3470855512&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 47648
expires: Tue, 21 Feb 2023 10:28:18 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 34c7bbff3b1a6ea7ef5b26e1ff477365
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 10:28:18 GMT
ohc-cache-hit: plct54 [1], xaix112 [4]
ohc-file-size: 47648
x-cache-status: MISS
X-Firefox-Spdy: h2
12827.url.tudown.com/uploads/images/663683.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12827.url.tudown.com/uploads/images/663683.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/663683.jpg HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1650709523,2992546365&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.40.35 200 OK 107 kB URL HTTP/1.1 img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2019:04:01 17:23:12], baseline, precision 8, 1280x800, components 3\012- data
Size 107 kB (106774 bytes)
Hash 4ea61bfb320e9f250591dc30d955f30e
e6bdcf37df2b2655de418af2ecffee266a3efb6e
2472d1de6b554ce3ac4f66707994b36057f49a1e2c2effaa8ee10c3be9c2c4b0
GET /it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 106774
Connection: keep-alive
Expires: Fri, 03 Feb 2023 05:43:15 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 4ea61bfb320e9f250591dc30d955f30e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 05:43:15 GMT
Ohc-Cache-HIT: plct65 [1], qdix229 [4]
Ohc-File-Size: 106774
X-Cache-Status: MISS
t14.baidu.com/it/u=1650709523,2992546365&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 30 kB URL HTTP/1.1 t14.baidu.com/it/u=1650709523,2992546365&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9ffaaf710ccb65453d7e4affabaa0ddc
dc496940abce3251fdf88cc82a1aead4042de108
0bde26671251405be5852eab415332d4d6e3891ed4af70d0fd517bef9d542f97
GET /it/u=1650709523,2992546365&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 29601
Connection: keep-alive
Expires: Sat, 04 Feb 2023 11:14:51 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9ffaaf710ccb65453d7e4affabaa0ddc
Age: 993814
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 11:14:50 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache56 [4], qdix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29601
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
118.112.225.35 200 OK 52 kB URL HTTP/2 img1.baidu.com/it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 850cf12d06b3e2380e049ceff4843b49
52b74a00563203f8feaba2ff7a20065ef7ba34c2
1466b0cabb5fc2f4a3d025f6e3893ab4da6198a1535b4556346aa311a45e47f1
GET /it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 51450
expires: Mon, 20 Feb 2023 06:21:02 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 850cf12d06b3e2380e049ceff4843b49
age: 39940
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:21:02 GMT
ohc-cache-hit: cd6ct58 [4], wzix97 [4]
ohc-file-size: 51450
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3368043444,856222877&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=533
125.74.40.35 200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=3368043444,856222877&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=533
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x533, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0abeaa244feee4137f5696fb3fad78d7
a07201c16becaa030fd0bd5da3c2bb4a0fe12730
05481813faeb27caa6c2ce4ac10caa0188c53bd319d8fe9cae8e15c6a3e649fc
GET /it/u=3368043444,856222877&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=533 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 11876
expires: Wed, 08 Feb 2023 11:28:26 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0abeaa244feee4137f5696fb3fad78d7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 11:28:26 GMT
ohc-cache-hit: plct67 [1], wzix103 [2]
ohc-file-size: 11876
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4242791908,3704389528&fm=253&fmt=auto?w=1422&h=800
125.74.40.35 200 OK 57 kB URL HTTP/2 img0.baidu.com/it/u=4242791908,3704389528&fm=253&fmt=auto?w=1422&h=800
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e2ee1ee9282eddfe7de0dd788cb4bfd
3cc18b779f4220c5d7a594f0807d71d9d1576820
b20a6388ee5f6be0e165dd09508f2091b2141933b19dffdfb65acade5b15f028
GET /it/u=4242791908,3704389528&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12827.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:03 GMT
content-type: image/webp
content-length: 57072
expires: Fri, 17 Feb 2023 09:27:18 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7e2ee1ee9282eddfe7de0dd788cb4bfd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 09:27:18 GMT
ohc-cache-hit: plct57 [2], suzix87 [2]
ohc-file-size: 57072
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3269607678,1171687622&fm=253&app=120&f=JPEG?w=480&h=720
118.112.225.35 200 OK 36 kB URL HTTP/1.1 img2.baidu.com/it/u=3269607678,1171687622&fm=253&app=120&f=JPEG?w=480&h=720
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x720, components 3\012- data
Hash 2271fcb6f5020fce12f033e38dccad03
fb0fb4d1b86324aceb6f43fb64cbeb5199baef5c
823b6b6a03d7fd3c3f0810fadf3b746a31c4f82b611e087da34be7cc6d7850a0
GET /it/u=3269607678,1171687622&fm=253&app=120&f=JPEG?w=480&h=720 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12827.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:03 GMT
Content-Type: image/jpeg
Content-Length: 36302
Connection: keep-alive
Expires: Sun, 29 Jan 2023 02:05:17 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 2271fcb6f5020fce12f033e38dccad03
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 02:05:17 GMT
Ohc-Cache-HIT: cd6ct77 [1], suzix157 [4]
Ohc-File-Size: 36302
X-Cache-Status: MISS
12827.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12827.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12827.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12827.url.tudown.com/down/%E4%B8%89%E5%9B%BD%E5%BF%9711%E5%A8%81%E5%8A%9B%E5%8A%A0%E5%BC%BA%E7%89%88van%E5%85%A8%E5%8A%9F%E8%83%BD%E4%BF%AE%E6%94%B9%E5%99%A8%20@381_51771.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674465061; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674465061
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:04 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.66 200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.66:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12827.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Mon, 23 Jan 2023 09:05:22 GMT
cache-control: max-age=600
expires: Mon, 23 Jan 2023 09:15:09 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0KATQzcIKdAcKTKvncgfU8MR5A3ZVOAe1fZsEtzc_a_CL80eaAk-Zw==
age: 351
X-Firefox-Spdy: h2