Report - 12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134

Report Overview

Submitted URL
12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP
154.218.151.71
ASN
#137951 Clayer Limited
Submitted
2023-02-04 15:55:47
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.203.75.56
img2.baidu.com	50786	2021-03-25T13:17:58Z	2023-03-12T11:23:13Z	2.2 kB	128 kB	125.74.42.35
js.passport.qihucdn.com	273795	2014-08-12T03:08:07Z	2023-03-12T11:11:59Z	324 B	462 B	101.198.192.7
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
img0.baidu.com	50126	2021-03-25T13:17:59Z	2023-03-12T11:23:13Z	5.0 kB	618 kB	125.74.42.35
t14.baidu.com	32559	2021-01-22T21:20:42Z	2023-03-12T11:23:14Z	706 B	138 kB	185.10.104.124
t15.baidu.com	33050	2021-01-09T17:16:17Z	2023-03-12T11:23:14Z	2.5 kB	306 kB	185.10.104.124
t13.baidu.com	32653	2021-01-09T14:57:25Z	2023-03-12T11:23:14Z	2.1 kB	217 kB	185.10.104.124
img1.baidu.com	50158	2021-03-25T13:17:58Z	2023-03-12T11:23:15Z	3.8 kB	436 kB	125.64.104.35
s22.cnzz.com	87635	2012-05-30T12:09:17Z	2023-03-12T16:31:15Z	394 B	667 B	180.97.251.250
s6.qhres2.com	910970	2022-01-25T09:18:01Z	2023-03-12T11:12:00Z	298 B	1.1 kB	54.230.111.11
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
12228.url.tudown.com	unknown	2017-05-24T04:10:36Z	2023-03-12T09:15:19Z	20 kB	86 kB	154.218.151.71
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	60 kB	34.120.237.76
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.9 kB	104.18.21.226
s.360.cn	19814	2012-07-10T18:01:51Z	2023-03-13T09:22:08Z	513 B	238 B	171.13.14.66
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	367 B	1.9 kB	104.18.20.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	290 B	750 B	182.61.201.93
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	400 B	114 B	112.34.113.148
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	1.2 kB	12 kB	103.235.46.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	12228.url.tudown.com/template/company/42xz/js/soft.js	9.9 kB	2023-03-12	2023-06-15
Pretty URL 12228.url.tudown.com/template/company/42xz/js/soft.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:54 Last Seen2023-06-15 06:04:36 Times Seen205 Hash 5e32a0f26da3d6f80a8ba482448e7314 c5724c4245049e753a66805f2fe986c620071141 d2acdf1a20ffb5f140291d37fd878d834918e465e977c487720816d7bf69cf31 Loading...

	hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:52:04 Last Seen2023-03-13 16:52:04 Times Seen1 Hash fae6846da9f72cbcdeea092a2e731e78 bbbfee8641f138f670e82fabb69c248277f3bfd6 be32e497f6acd73af9c0749af2004f030f7c32f4688cf0705ed3c96e1e63fe2a Loading...

	s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130	0 B	2023-03-07	2024-04-19
Pretty URL s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130 IP 180.97.251.250 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 18:36:40 Times Seen36965434 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	12228.url.tudown.com/js/orsxg5a.script	944 B	2023-03-12	2023-03-18
Pretty URL 12228.url.tudown.com/js/orsxg5a.script IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:02:34 Last Seen2023-03-18 07:38:54 Times Seen1 Hash 115782a87f98ee819affba9c5fc37d4e e3e7eb2067add7793da4221acd4edc9776600c41 54f9e7c3cf8bb6599a306d4cf9a19259071fc3dab0865d538c8e03335889194b Loading...

	s6.qhres2.com/static/ab77b6ea7f3fbf79.js	478 B	2023-03-07	2024-04-15
Pretty URL s6.qhres2.com/static/ab77b6ea7f3fbf79.js IP 54.230.111.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:56 Last Seen2024-04-15 19:30:50 Times Seen2387 Hash 5dd27f8f2b042194c3cdabd62fd80110 c035036a939799d4c29b9c0f7229ae1953d03109 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a Loading...

	12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe	254 B	2023-03-09	2023-12-23
Pretty URL 12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:02:19 Last Seen2023-12-23 16:26:58 Times Seen1789 Hash c86ce41b80900dd60765c9dddb425e66 29681365731cf7d3bbaf1cf9d121090ef34624a5 a7d6678bd92dd9f38310914883d14c408d73826eeccbe32b7cdaf9f77c6c589b Loading...

	12228.url.tudown.com/template/company/42xz/js/jquery.js	120 kB	2023-03-12	2023-11-20
Pretty URL 12228.url.tudown.com/template/company/42xz/js/jquery.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:54 Last Seen2023-11-20 08:42:33 Times Seen235 Hash 1925d85004d53931fe7e1cb8e1d658fb fc6192892c227e2a2f5a68e31b08d83ab0458355 b26e0c2001d8d9f1947b20033e77665409f3504f832556ce2ee9dfb01ef7a041 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-19
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 12:08:45 Times Seen18958 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d	105 B	2023-03-07	2024-04-14
Pretty URL js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d IP 101.198.192.7 ASN #55992 Beijing Qihu Technology Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:51 Last Seen2024-04-14 23:50:53 Times Seen385 Hash 06b5672f6400f1eb3255c53b8716ec1b f35120a5317fa4f91b98abb29d0ee3ad899b55f7 42e703267bb95fd28b350c6f27fd014f39e6d88443a50b7322c14b76bb513e99 Loading...

		Size	First Seen	Last Seen
	#1 Write - 74312d9fd3d0d77a65b4edf6f7a9d543	169 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 12:43:11 Last Seen2024-04-14 17:35:46 Times Seen2523 Hash 74312d9fd3d0d77a65b4edf6f7a9d543 f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6 e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08 Loading...

	#2 Write - 9104ef1ddb84ab257a9e746454b00ff8	310 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 14:02:34 Last Seen2023-03-18 07:38:54 Times Seen1 Hash 9104ef1ddb84ab257a9e746454b00ff8 abbc574006d442cf8207f6547e94799ac4aa2aaf 08cfa2671ab17fd81b2902c4c81aa0924c009028f346513b84a77417ae47d036 Loading...

	#3 Write - f6c66fa781641bc152896d4d331fb47c	107 B	2023-03-12	2023-11-20
Pretty Observations First Seen2023-03-12 11:06:54 Last Seen2023-11-20 08:42:33 Times Seen234 Hash f6c66fa781641bc152896d4d331fb47c 75058381be5febb338d4b018ff21ddeb72634f79 1b60638050239eb6f376f41ed7c52f5fa636ff1b2899f86fc62f093fdd6b3e8b Loading...

	#4 Write - fa85d85498e61666775145658e0c17ed	143 B	2023-03-12	2023-11-20
Pretty Observations First Seen2023-03-12 11:06:54 Last Seen2023-11-20 08:42:33 Times Seen234 Hash fa85d85498e61666775145658e0c17ed 0c7232cecdccc72b25160d2732cc180c3fe73160 ba9029ca999756c61255a5964826bb7f12d35e3dd5255cbc1cbfe47438995591 Loading...

	#5 Write - 49ab76f98f0ffd3c06e5f9e8fd523616	87 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 12:57:51 Last Seen2024-04-14 23:50:53 Times Seen258 Hash 49ab76f98f0ffd3c06e5f9e8fd523616 8ff32ae013817b78b340ba1c1ee24f34ca2d8b2a dacba7ea3ae581abd50497c748a9455c720f9c23b96c3826f9d45ef4db4f8db0 Loading...

HTTP Transactions (122)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Sat, 04 Feb 2023 16:31:37 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5259
Expires: Sat, 04 Feb 2023 17:23:15 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 15:43:38 GMT
content-type: application/json
age: 718
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12876
Expires: Sat, 04 Feb 2023 19:30:12 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: M4dxy4YcOX1BzAY1odQT0HyCIXMsSHfKynEgDK1gGMkrgVMzvnF9Jevnn+abnjMZu980LkMgznVaiLRvPdViPA==
x-amz-request-id: N6DDCJ614S60W59Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 15:24:04 GMT
age: 1892
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 15:55:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 15:07:19 GMT
age: 2897
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Sat, 04 Feb 2023 16:34:48 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive

12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

154.218.151.71

200 OK

6.5 kB

URL HTTP/1.1
12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307), with CRLF, LF line terminators
Size
6.5 kB (6478 bytes)
Hash
c0feba6f5ccf6f00b8398374d40d1d4c
07bb63d4514085e1a4077c72c34f91abc9d3f9de
afda54f3a9dd7332639056f384a58d7d63735dacb09684621584c122a81ce098

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.203.75.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.203.75.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4dhES68CivsB+/u+D1ad9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OwQdZi2cJIcMu0aDmwaCX7t4sjc=

12228.url.tudown.com/template/company/42xz/css/common.css

154.218.151.71

200 OK

1.9 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/css/common.css
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.9 kB (1933 bytes)
Hash
625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5

HTTP Headers

GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12228.url.tudown.com/js/orsxg5a.script

154.218.151.71

200 OK

531 B

URL HTTP/1.1
12228.url.tudown.com/js/orsxg5a.script
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document, ASCII text, with CRLF line terminators
Size
531 B (531 bytes)
Hash
39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15

HTTP Headers

GET /js/orsxg5a.script HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

12228.url.tudown.com/template/company/42xz/js/soft.js

154.218.151.71

200 OK

3.6 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/js/soft.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
3.6 kB (3643 bytes)
Hash
67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d

HTTP Headers

GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12228.url.tudown.com/template/company/42xz/css/soft.css

154.218.151.71

200 OK

6.6 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/css/soft.css
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
6.6 kB (6556 bytes)
Hash
669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356

HTTP Headers

GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

12228.url.tudown.com/uploads/images/800791.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/800791.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/800791.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500

12228.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250

154.218.151.71

200 OK

3.8 kB

URL HTTP/1.1
12228.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Size
3.8 kB (3787 bytes)
Hash
ed02213cb5a8b9c435beff942aec886e
c3a2d3504ff7f6c9c6d887179496a3b5c468d429
f803288101d17e59978ccda9a47c411643ef2639a7455cbbcd571d10e06e3634

HTTP Headers

GET /uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250 HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

12228.url.tudown.com/template/company/42xz/images/tab_line.png

154.218.151.71

200 OK

1.2 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/images/tab_line.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
GIF image data, version 89a, 190 x 7\012- data
Size
1.2 kB (1155 bytes)
Hash
4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06

HTTP Headers

GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes

12228.url.tudown.com/uploads/images/108747.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/108747.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/108747.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652

12228.url.tudown.com/template/company/42xz/images/dian1.png

154.218.151.71

200 OK

1.1 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/images/dian1.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
GIF image data, version 89a, 4 x 4\012- data
Size
1.1 kB (1110 bytes)
Hash
de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685

HTTP Headers

GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes

12228.url.tudown.com/uploads/images/466096.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/466096.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/466096.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/644978.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/644978.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/644978.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21009
Expires: Sat, 04 Feb 2023 21:45:47 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive

12228.url.tudown.com/template/company/42xz/js/jquery.js

154.218.151.71

200 OK

46 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/js/jquery.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Size
46 kB (45799 bytes)
Hash
49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be

HTTP Headers

GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19774
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19774
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19774
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 64194
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 64512
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9349 bytes)
Hash
4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:30:47 GMT
age: 55491
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 34534
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 64217
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9141 bytes)
Hash
f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 64771
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

12228.url.tudown.com/uploads/images/331151.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/331151.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/331151.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200

12228.url.tudown.com/uploads/images/683841.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/683841.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/683841.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/274732.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/274732.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/274732.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500

12228.url.tudown.com/uploads/images/485293.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/485293.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/485293.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500

12228.url.tudown.com/uploads/images/459412.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/459412.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/459412.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
81f5c123f4a83e821e1e2f7c4101a7bf
650933ff62323a28072863389d558e213041f68a
5a56d766b7901444e0da4d430348ca3f0ddae9cf26f9bb4f41266c36750572d7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 12:17:24 GMT
ETag: "650933ff62323a28072863389d558e213041f68a"
Last-Modified: Sat, 04 Feb 2023 12:17:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7944977ebea1b4fd-OSL

12228.url.tudown.com/uploads/images/405246.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/405246.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/405246.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483

12228.url.tudown.com/uploads/images/331500.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/331500.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/331500.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

12228.url.tudown.com/uploads/images/471925.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/471925.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/471925.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500

12228.url.tudown.com/uploads/images/878234.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/878234.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/878234.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496

12228.url.tudown.com/uploads/images/275620.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/275620.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/275620.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 15:55:38 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 15:55:38 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=3B764074B7A4D811B4437DFDD1E4D035:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 15:55:38 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

12228.url.tudown.com/uploads/images/248916.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/248916.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/248916.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423

12228.url.tudown.com/uploads/images/812485.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/812485.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/812485.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800

12228.url.tudown.com/uploads/images/716532.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/716532.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/716532.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/831882.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/831882.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/831882.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706

12228.url.tudown.com/uploads/images/194626.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/194626.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/194626.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

12228.url.tudown.com/uploads/images/897434.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/897434.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/897434.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/793075.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/793075.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/793075.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800

api.share.baidu.com/s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

112.34.113.148

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 15:55:39 GMT

12228.url.tudown.com/uploads/images/875584.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/875584.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/875584.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800

12228.url.tudown.com/uploads/images/837538.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/837538.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/837538.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457

12228.url.tudown.com/template/company/42xz/images/dian2.png

154.218.151.71

200 OK

1.1 kB

URL HTTP/1.1
12228.url.tudown.com/template/company/42xz/images/dian2.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
GIF image data, version 89a, 4 x 4\012- data
Size
1.1 kB (1106 bytes)
Hash
3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1

HTTP Headers

GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes

12228.url.tudown.com/uploads/images/371783.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/371783.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/371783.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/701518.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/701518.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/701518.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/646335.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/646335.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/646335.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500

t13.baidu.com/it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

19 kB

URL HTTP/1.1
t13.baidu.com/it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
19 kB (19193 bytes)
Hash
e3e96965d378fdade70388730a93e48d
58634224b634230ff7e59937fda3b5f11b97e424
83d7d774bac0fc7444b89da9fdf03116c510c134aa218df2509e3f111b8bf0e1

HTTP Headers

GET /it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 19193
Connection: keep-alive
Expires: Sun, 05 Feb 2023 04:12:33 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e3e96965d378fdade70388730a93e48d
Age: 2054891
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 04:12:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache58 [4], suzix179 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 19193
X-Cache-Status: HIT
Timing-Allow-Origin: *

t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500

185.10.104.124

200 OK

59 kB

URL HTTP/1.1
t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Size
59 kB (59190 bytes)
Hash
e6f8e8c107ef57bb869b14ce1ccb0f70
b7be68398774b4b697e1f48403bf9ed405402a66
13a183e8641e9b8e1cc1eb4afc5337a733b4e3bdb2169affcf12841bd5749888

HTTP Headers

GET /it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 59190
Connection: keep-alive
Expires: Thu, 16 Feb 2023 07:58:23 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: e6f8e8c107ef57bb869b14ce1ccb0f70
Age: 351029
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 07:58:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache54 [4], wzix101 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59190
X-Cache-Status: HIT
Timing-Allow-Origin: *

t13.baidu.com/it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500

185.10.104.124

200 OK

19 kB

URL HTTP/1.1
t13.baidu.com/it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 412x500, components 3\012- data
Size
19 kB (18939 bytes)
Hash
c6d175fe907c1ee86f3af0991a13ff54
e3bde11c6f56761c4b6272be24a8dc4db8a8588d
f98c5045c3fc70ff9d20768503a32da107eefd1e8ca3f2c8c82e9d04129cc98f

HTTP Headers

GET /it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 18939
Connection: keep-alive
Expires: Thu, 02 Mar 2023 10:25:31 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: c6d175fe907c1ee86f3af0991a13ff54
Age: 38478
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 10:25:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache61 [2], xaix216 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 18939
X-Cache-Status: HIT
Timing-Allow-Origin: *

12228.url.tudown.com/uploads/images/244064.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/244064.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/244064.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69

12228.url.tudown.com/uploads/images/36828.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/36828.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/36828.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800

12228.url.tudown.com/uploads/images/104740.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/104740.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/104740.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500

12228.url.tudown.com/uploads/images/540340.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/540340.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/540340.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800

hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (633)
Size
11 kB (11271 bytes)
Hash
b64027a3157f1c031fc18775966cc25f
0d15ecfd8dab47c4db5d040251ea90dd879a8cc8
2524dbefe29bd734ca870813a9bac06299aa99e3284213055732ed97c8d5f23b

HTTP Headers

GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 15:55:39 GMT
Etag: 94e83698f77ff0b0c9914f059c17be20
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C3DB5BE1E3B25BBB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

12228.url.tudown.com/uploads/images/726009.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/726009.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/726009.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500

12228.url.tudown.com/uploads/images/909243.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/909243.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/909243.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80

img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500

125.74.42.35

200 OK

36 kB

URL HTTP/1.1
img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Size
36 kB (35956 bytes)
Hash
5e410e8a12936270f83cdb9d1eee7277
4d90b828b8cfbbc6fa07aba7355f71410017ab7c
fbd28eae165ef8338c9d5d369e99aa2618bd559da8364c1ae05a3d685120a3bf

HTTP Headers

GET /it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 35956
Connection: keep-alive
Expires: Mon, 20 Feb 2023 01:28:32 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 5e410e8a12936270f83cdb9d1eee7277
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 01:28:32 GMT
Ohc-Cache-HIT: lz3ct54 [1], xiangyix145 [4]
Ohc-File-Size: 35956
X-Cache-Status: MISS

12228.url.tudown.com/uploads/images/588978.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/588978.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/588978.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233

12228.url.tudown.com/uploads/images/83532.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/83532.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/83532.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/327369.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/327369.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/327369.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/759701.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/759701.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/759701.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500

t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

61 kB

URL HTTP/1.1
t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
61 kB (60595 bytes)
Hash
c172b25dd77f4eb994525f3168c7529d
858ef51604ba1fb4b7ced90be99caabdac91fe2b
84715b859c9cf24b89e4f218fa38da7b7a9fdf50393ca0b9d5c24d9ffb82f16b

HTTP Headers

GET /it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 60595
Connection: keep-alive
Expires: Fri, 24 Feb 2023 02:34:13 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: c172b25dd77f4eb994525f3168c7529d
Age: 388318
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 02:34:13 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache52 [1], wzix92 [4]
Ohc-Response-Time: 1 0 0 0 0 1
Ohc-File-Size: 60595
X-Cache-Status: HIT
Timing-Allow-Origin: *

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
8b713e782d4daaaf92b087fa2f128979
a4a673654c0544378aa15e1dfab8c7e64eef8698
15764a19559af6a9aa1a79c435c70e3eb0d5b6ceabfb35c50e3a15539faf63ec

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 13:52:11 GMT
ETag: "a4a673654c0544378aa15e1dfab8c7e64eef8698"
Last-Modified: Sat, 04 Feb 2023 13:52:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3085
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794497894d2afac4-OSL

t13.baidu.com/it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

32 kB

URL HTTP/1.1
t13.baidu.com/it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
32 kB (31885 bytes)
Hash
1d5dfa7e5ae268ffa145dd38694a8c67
bcf11bc8f661fad040a7106eae8a55f6030a07bb
23f99eaac666a58e02ada381b710a53743aa8523517794aa4006b12b1e0a3b3f

HTTP Headers

GET /it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 31885
Connection: keep-alive
Expires: Sat, 25 Feb 2023 09:04:14 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 1d5dfa7e5ae268ffa145dd38694a8c67
Age: 391735
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 26 Jan 2023 09:04:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache63 [4], czix216 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31885
X-Cache-Status: HIT
Timing-Allow-Origin: *

12228.url.tudown.com/uploads/images/249635.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/249635.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/249635.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500

t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

45 kB

URL HTTP/1.1
t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
45 kB (44708 bytes)
Hash
859cbd8ef4d88527a1b937b26b1320ac
07e4e890a3264ca17866ab037bc8db5074a0d1d1
f1b3c9ce9d36f0adf1521fa28890f85298be1220028a8e0234b10b53a54f3d86

HTTP Headers

GET /it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 44708
Connection: keep-alive
Expires: Sun, 05 Feb 2023 15:48:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 859cbd8ef4d88527a1b937b26b1320ac
Age: 2036216
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 15:48:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache51 [4], wzix76 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44708
X-Cache-Status: HIT
Timing-Allow-Origin: *

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692965646&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692965646&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692965646&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 15:55:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=14DB54F85C348085; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img0.baidu.com/it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800

125.74.42.35

200 OK

85 kB

URL HTTP/1.1
img0.baidu.com/it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size
85 kB (85068 bytes)
Hash
811a6273c99439d55fb17930f2c54de8
8720363bec9e9821ac18f59f33d22b5a5b88706a
91ba07ee76b4ddb565ddefca69535fd37e57231cec88f82874dfbc3002765cd7

HTTP Headers

GET /it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 85068
Connection: keep-alive
Expires: Mon, 13 Feb 2023 07:42:23 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 811a6273c99439d55fb17930f2c54de8
Age: 119963
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 07:42:23 GMT
Ohc-Cache-HIT: lz3ct53 [4], xaix196 [2]
Ohc-File-Size: 85068
X-Cache-Status: HIT

12228.url.tudown.com/uploads/images/698226.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/698226.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/698226.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800

t15.baidu.com/it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

20 kB

URL HTTP/1.1
t15.baidu.com/it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
20 kB (20494 bytes)
Hash
932061f1df31421a3faa07ae322a9dcd
c60115298f12c388445d0446b61a3a5eb595ecdc
4e27e823c85a02964da5f141cda7629bc7e9d0205414efd2373da15b60d49623

HTTP Headers

GET /it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 20494
Connection: keep-alive
Expires: Wed, 22 Feb 2023 03:49:44 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 932061f1df31421a3faa07ae322a9dcd
Age: 910886
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 03:49:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache65 [1], wzix66 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20494
X-Cache-Status: HIT
Timing-Allow-Origin: *

img0.baidu.com/it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800

125.74.42.35

200 OK

90 kB

URL HTTP/1.1
img0.baidu.com/it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size
90 kB (89764 bytes)
Hash
2dd65370fe8fd270ac0e00dd4d1619f0
00eab00aee512c1af78b854af8b18c995acfd265
7a70898cfda604230f7a30c0f89a52993d17d0a4aee8c44342d9b3f008a0888d

HTTP Headers

GET /it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 89764
Connection: keep-alive
Expires: Sun, 05 Feb 2023 07:16:06 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 2dd65370fe8fd270ac0e00dd4d1619f0
Age: 315393
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 07:16:06 GMT
Ohc-Cache-HIT: lz3ct50 [4], wzix50 [2]
Ohc-File-Size: 89764
X-Cache-Status: HIT

t15.baidu.com/it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496

185.10.104.124

200 OK

51 kB

URL HTTP/1.1
t15.baidu.com/it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x496, components 3\012- data
Size
51 kB (50945 bytes)
Hash
d8d68fbaaf0836fcf357512750b3ebbe
42074a74293dcea1e1e7d32997c1e8fe59de4823
95c7976de5d4134bb79fe8f489b95deda6e086930109ca28083a0ae63ea8283a

HTTP Headers

GET /it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 50945
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:32:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d8d68fbaaf0836fcf357512750b3ebbe
Age: 2053440
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 12:32:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache52 [4], wzix116 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50945
X-Cache-Status: HIT
Timing-Allow-Origin: *

t15.baidu.com/it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

65 kB

URL HTTP/1.1
t15.baidu.com/it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
65 kB (64787 bytes)
Hash
7e7b75b9132046bac7b826a0ba2e8a37
3d59143e6a012e9f962db8b212e553e2fe62903e
79d1d7ea9c1dfdd05fdc803fde559eae8fafbf55014056e72d9b67d86ff94782

HTTP Headers

GET /it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 64787
Connection: keep-alive
Expires: Tue, 07 Feb 2023 13:48:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7e7b75b9132046bac7b826a0ba2e8a37
Age: 2050617
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 13:48:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache50 [2], bdix222 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 64787
X-Cache-Status: HIT
Timing-Allow-Origin: *

img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500

125.74.42.35

200 OK

40 kB

URL HTTP/2
img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 740x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
40 kB (40188 bytes)
Hash
5b6847091c66efd9b57bbac1864a9810
19e98b8f651bb9a4ad4581b5515fcea3bded5962
2a9c77319ae0c9ea7a87283ddedca2f16e8263464c13e6c0893ee33e9a65a7e2

HTTP Headers

GET /it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 40188
expires: Sat, 11 Feb 2023 12:36:24 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5b6847091c66efd9b57bbac1864a9810
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 12:36:24 GMT
ohc-cache-hit: lz3ct86 [1], xaix86 [4]
ohc-file-size: 40188
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69

125.74.42.35

200 OK

810 B

URL HTTP/2
img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
810 B (810 bytes)
Hash
796c7d7f62542860b46d1188ecfe0f01
a2e6823f7ae657afe400847cedc01dd277acf53e
d9c03db5264f2bbe1fb2ebe707a07e4ecf9123f0fc039c1008e00aca96f80468

HTTP Headers

GET /it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 810
expires: Wed, 22 Feb 2023 01:29:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 796c7d7f62542860b46d1188ecfe0f01
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:29:23 GMT
ohc-cache-hit: lz3ct59 [2], czix174 [4]
ohc-file-size: 810
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200

125.74.42.35

200 OK

3.9 kB

URL HTTP/2
img0.baidu.com/it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.9 kB (3878 bytes)
Hash
ed86745018a0ffc7ca51a886ee345e66
e65bb81efd8330a24737f00dca9d2e99325f03de
3e1b3d273bd96d6288a24e26e8aab3610b1af1c1c9a5acab6b6b5e8923464ebc

HTTP Headers

GET /it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 3878
expires: Fri, 24 Feb 2023 01:13:53 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ed86745018a0ffc7ca51a886ee345e66
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 01:13:53 GMT
ohc-cache-hit: lz3ct70 [1], qdix219 [4]
ohc-file-size: 3878
x-cache-status: MISS
X-Firefox-Spdy: h2

t15.baidu.com/it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

37 kB

URL HTTP/1.1
t15.baidu.com/it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
37 kB (36777 bytes)
Hash
c5a8b758606114ee3aacccdc8d934e7c
13f6031480de8ec2073d4a76428d2fc44dced0a5
df38c2d532f7b6f21429b2b44d63ed696952f48f6fe1f342e5c3c21878332dde

HTTP Headers

GET /it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 36777
Connection: keep-alive
Expires: Sun, 19 Feb 2023 05:43:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c5a8b758606114ee3aacccdc8d934e7c
Age: 1086896
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 05:43:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache60 [1], czix139 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36777
X-Cache-Status: HIT
Timing-Allow-Origin: *

img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

125.64.104.35

200 OK

49 kB

URL HTTP/2
img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
49 kB (48642 bytes)
Hash
b1239dcecfd8d2ae8581983d523b5a8e
319659f2d9d298ebc183120ddad0e9f16007ab5f
2748ee959cf00d490249eef871f48ee296eee130ad33653140ed87b9ab10b5a4

HTTP Headers

GET /it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 48642
expires: Fri, 17 Feb 2023 06:00:34 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: b1239dcecfd8d2ae8581983d523b5a8e
age: 116068
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:00:34 GMT
ohc-cache-hit: dy2ct92 [4], suzix148 [2]
ohc-file-size: 48642
x-cache-status: HIT
X-Firefox-Spdy: h2

t15.baidu.com/it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

58 kB

URL HTTP/1.1
t15.baidu.com/it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
58 kB (57628 bytes)
Hash
4eeb45437c65f97fcfef95e28526cbea
31621a45347543c084fcd308af59da83077e56fe
7cd3817830064011a21b47ee966f461f9f8689193b3c8075d69f20a50523cbde

HTTP Headers

GET /it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 57628
Connection: keep-alive
Expires: Mon, 06 Mar 2023 04:09:43 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4eeb45437c65f97fcfef95e28526cbea
Age: 39985
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 04:09:42 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [1], bdix248 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57628
X-Cache-Status: HIT
Timing-Allow-Origin: *

img0.baidu.com/it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457

125.74.42.35

200 OK

15 kB

URL HTTP/2
img0.baidu.com/it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 610x457, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (15178 bytes)
Hash
1bed5bc329b1a0956c7ab0c9744ddb34
bad30c37de13815dd2db56ce461e90d4febacc0a
376221946a4b4d932991b2b35d943a8133ac19e4bd4b2289359251ea4783db76

HTTP Headers

GET /it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 15178
expires: Tue, 14 Feb 2023 10:39:37 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 1bed5bc329b1a0956c7ab0c9744ddb34
age: 360033
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 10:39:37 GMT
ohc-cache-hit: lz3ct55 [4], bdix97 [2]
ohc-file-size: 15178
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80

125.74.42.35

200 OK

1.3 kB

URL HTTP/2
img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.3 kB (1282 bytes)
Hash
57242c1a3755a42e8e2c9aeaf2fb97cf
c8ad1e5b7ff69f8c27384dc72b58b057ec802990
f5c94cc47e01b8517274196d2bfba567bd872b91cf6347319a74d25f33261e78

HTTP Headers

GET /it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 1282
expires: Tue, 21 Feb 2023 02:37:21 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 57242c1a3755a42e8e2c9aeaf2fb97cf
age: 1163115
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:37:21 GMT
ohc-cache-hit: lz3ct55 [4], suzix55 [4]
ohc-file-size: 1282
x-cache-status: HIT
X-Firefox-Spdy: h2

12228.url.tudown.com/uploads/images/885998.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/885998.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/885998.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889

12228.url.tudown.com/uploads/images/121683.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/121683.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/121683.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500

12228.url.tudown.com/uploads/images/527921.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
12228.url.tudown.com/uploads/images/527921.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/527921.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500

t15.baidu.com/it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

32 kB

URL HTTP/1.1
t15.baidu.com/it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
32 kB (31818 bytes)
Hash
bee9d0565af3677c2702de54ebd4896c
5ffa3c30a90401d1f04cfc6acf348c6710d50cfc
bd671dc9ad736b85225fc7a7badf13fb7c014067cedc922e05840bf0f6aa3087

HTTP Headers

GET /it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 31818
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:57:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bee9d0565af3677c2702de54ebd4896c
Age: 2054611
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:57:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache50 [4], bdix165 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31818
X-Cache-Status: HIT
Timing-Allow-Origin: *

t13.baidu.com/it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

40 kB

URL HTTP/1.1
t13.baidu.com/it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
40 kB (39684 bytes)
Hash
10177ab97b8f9ad9f42eeed50bcf9058
919b7cd0d69db1323b7d0899290fa9fca306ff6b
dd648e615461d9797148dedd8bb8fa02a355017cd28c74797067638905da7f88

HTTP Headers

GET /it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 39684
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:17:58 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 10177ab97b8f9ad9f42eeed50bcf9058
Age: 2053437
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:17:58 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache50 [1], qdix152 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39684
X-Cache-Status: HIT
Timing-Allow-Origin: *

img1.baidu.com/it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800

125.64.104.35

200 OK

113 kB

URL HTTP/1.1
img1.baidu.com/it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size
113 kB (113256 bytes)
Hash
fe249d1ff29f0dc5a603defde6f44633
7185ea93b5d1238c417b92f552f66e22a52ad627
c8edb99eb76e1e28aceafdb8d5b2464af747267159e9f3143d5782c61d9e6701

HTTP Headers

GET /it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 113256
Connection: keep-alive
Expires: Sun, 12 Feb 2023 20:32:21 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: fe249d1ff29f0dc5a603defde6f44633
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 20:32:21 GMT
Ohc-Cache-HIT: dy2ct70 [1], xaix223 [4]
Ohc-File-Size: 113256
X-Cache-Status: MISS

t14.baidu.com/it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

76 kB

URL HTTP/1.1
t14.baidu.com/it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
76 kB (75901 bytes)
Hash
752ee17de51313f42281ac85246c77d4
4210ff388d556b389d7774988b52ba2f343b3e86
62429d09ffdfeb06cd7f23e66dff31ae86a6e500f561e1a6259216f6ae79e7e6

HTTP Headers

GET /it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 75901
Connection: keep-alive
Expires: Fri, 24 Feb 2023 13:51:14 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 752ee17de51313f42281ac85246c77d4
Age: 396231
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 13:51:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache50 [1], czix67 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75901
X-Cache-Status: HIT
Timing-Allow-Origin: *

img1.baidu.com/it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

125.64.104.35

200 OK

51 kB

URL HTTP/2
img1.baidu.com/it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
51 kB (50806 bytes)
Hash
6b908bc0120cd8f9516e663fd7229f8a
655cf27ca944682f5e002f628bdf7d9384fbf916
830b37df94e7fda78e5b3645b1001ff8b55827675c412a3f94b5dc0627e93f54

HTTP Headers

GET /it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 50806
expires: Fri, 17 Feb 2023 06:28:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6b908bc0120cd8f9516e663fd7229f8a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:28:22 GMT
ohc-cache-hit: dy2ct107 [1], czix107 [2]
ohc-file-size: 50806
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706

125.64.104.35

200 OK

26 kB

URL HTTP/2
img1.baidu.com/it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (26380 bytes)
Hash
695be078904b0fdb05e00aaeb5c476a8
5bcb520f0ceef11061d158bf191d8913563f6f6f
989b0c0909f975364ae709b16b9ab5fe47b077a9d59c16c676500291ba0c431b

HTTP Headers

GET /it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 26380
expires: Mon, 20 Feb 2023 02:23:48 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 695be078904b0fdb05e00aaeb5c476a8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:23:48 GMT
ohc-cache-hit: dy2ct81 [1], bdix81 [4]
ohc-file-size: 26380
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800

125.74.42.35

200 OK

238 kB

URL HTTP/1.1
img0.baidu.com/it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size
238 kB (237534 bytes)
Hash
cb6428460700e981a659a89a927d56ce
ffbb3dd498456a3da82cdfef7b769df5518ccc84
4d173a2b4c98045f59bddb94868af4587313448dd974323e8d002d416543dfaa

HTTP Headers

GET /it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 237534
Connection: keep-alive
Expires: Sat, 11 Feb 2023 12:03:29 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: cb6428460700e981a659a89a927d56ce
Age: 288217
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 12:03:29 GMT
Ohc-Cache-HIT: lz3ct50 [4], czix168 [4]
Ohc-File-Size: 237534
X-Cache-Status: HIT

img0.baidu.com/it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483

125.74.42.35

200 OK

40 kB

URL HTTP/2
img0.baidu.com/it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 430x483, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
40 kB (40066 bytes)
Hash
45131c270ebf657c4b944fa358d9717a
e3e15f0991c0ff3ffbd38e4a4ce638b2dffd41b7
ee0155940fb836bbb04f50c068e5a16c20f1fc4350800f87d66c88ba5dc3c537

HTTP Headers

GET /it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 40066
expires: Tue, 21 Feb 2023 09:29:26 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 45131c270ebf657c4b944fa358d9717a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:29:26 GMT
ohc-cache-hit: lz3ct73 [1], bdix203 [2]
ohc-file-size: 40066
x-cache-status: MISS
X-Firefox-Spdy: h2

t15.baidu.com/it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

40 kB

URL HTTP/1.1
t15.baidu.com/it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
40 kB (39598 bytes)
Hash
2004ef8c87a0967f7e3203376b2db5d0
038201230d6281a3ef872a7a0ec9c0c651ea05a1
e173409d292f631a3b1d8887c3da660ad81e3a029e37fa98a35a1661b318095a

HTTP Headers

GET /it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 39598
Connection: keep-alive
Expires: Mon, 06 Mar 2023 05:18:08 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 2004ef8c87a0967f7e3203376b2db5d0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 05:18:08 GMT
Ohc-Upstream-Trace: 58.20.204.50
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache50 [4], czix184 [4]
Ohc-Response-Time: 1 0 0 0 335 335
Ohc-File-Size: 39598
X-Cache-Status: MISS
Timing-Allow-Origin: *

img0.baidu.com/it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652

125.74.42.35

200 OK

44 kB

URL HTTP/2
img0.baidu.com/it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x652, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
44 kB (43694 bytes)
Hash
27b6f8b9467d7822bcc6bf2ebb34e653
6e0dacd474a71c01578e6d8cd9018b68878b4663
a93145ca9501ad7e79918dcb31e71f5d4a941c05283cbcde5a67d914c5aa2d3e

HTTP Headers

GET /it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 43694
expires: Fri, 24 Feb 2023 12:30:29 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 27b6f8b9467d7822bcc6bf2ebb34e653
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 12:30:29 GMT
ohc-cache-hit: lz3ct90 [1], czix132 [4]
ohc-file-size: 43694
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500

125.74.42.35

200 OK

18 kB

URL HTTP/2
img0.baidu.com/it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 375x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18462 bytes)
Hash
c8f9ce67fd6077d06c8537393119eeb4
356ed4e87413ba9a64bfa1edc9122eacc0388f93
5c98fdd93666e926d506a4b4d426b38b5cd49b17572a78a16d4dd67a7828a0df

HTTP Headers

GET /it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 18462
expires: Wed, 22 Feb 2023 13:27:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c8f9ce67fd6077d06c8537393119eeb4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 13:27:47 GMT
ohc-cache-hit: lz3ct61 [1], bdix158 [4]
ohc-file-size: 18462
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500

125.74.42.35

200 OK

37 kB

URL HTTP/2
img2.baidu.com/it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 801x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
37 kB (36966 bytes)
Hash
6f8683e2bc898ed151ae034e564f14d8
46d4cad11b445327b0f8f4d2ef620f5efd73b4b8
c45788b33fe221bc1397702efed93851d76b2b84f3e7c195b7a5f10c611cee11

HTTP Headers

GET /it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 36966
expires: Fri, 10 Feb 2023 21:18:43 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 6f8683e2bc898ed151ae034e564f14d8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:18:43 GMT
ohc-cache-hit: lz3ct73 [1], xiangyix73 [4]
ohc-file-size: 36966
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500

125.74.42.35

200 OK

17 kB

URL HTTP/2
img2.baidu.com/it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 338x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (16638 bytes)
Hash
b763f2f696ac7ceafb89e8e2a2b01236
89ff596034a278ed43f089591de0154c83593130
7c35b2eeee36a9ca8d747c3cf4ebf5563c864070beb99aed8a12baca62a32872

HTTP Headers

GET /it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 16638
expires: Fri, 10 Feb 2023 21:18:26 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: b763f2f696ac7ceafb89e8e2a2b01236
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:18:26 GMT
ohc-cache-hit: lz3ct69 [1], xiangyix69 [4]
ohc-file-size: 16638
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198

125.74.42.35

200 OK

4.9 kB

URL HTTP/2
img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 170x198, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.9 kB (4882 bytes)
Hash
11e0ff068194a43f900eab02108a19b3
41275924e29a24a9a358d4be1322bc85185cd8eb
e1471974f4607a9ce99bf87c0265bcfb0c6e2ef8f7516772f1fd12d066b3119b

HTTP Headers

GET /it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 4882
expires: Mon, 06 Feb 2023 04:37:09 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 11e0ff068194a43f900eab02108a19b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:37:09 GMT
ohc-cache-hit: lz3ct88 [1], csix88 [4]
ohc-file-size: 4882
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

125.64.104.35

200 OK

28 kB

URL HTTP/2
img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
28 kB (28148 bytes)
Hash
dcd362b1ddfc8d68597a59f74d54b570
fdf68f16ea6b6ff1dcf83de8fbc7ef94f0a8c06d
bdec33cdb146c96b089d4f6cf722f875b11ad17ae78f29890b833d3cce3d974e

HTTP Headers

GET /it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 28148
expires: Sun, 19 Feb 2023 19:17:01 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: dcd362b1ddfc8d68597a59f74d54b570
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 19:17:01 GMT
ohc-cache-hit: dy2ct51 [1], czix51 [4]
ohc-file-size: 28148
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423

125.64.104.35

200 OK

14 kB

URL HTTP/2
img1.baidu.com/it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (13682 bytes)
Hash
5fe58c19bff814596d34c115018a1a30
e9a49854bb0693acad8b8760eda6e9d6e0a87f89
36cc1d17383ebf5afdfe84ea9487d81d4fd79eefa1632f15a8718976edbb891d

HTTP Headers

GET /it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 13682
expires: Mon, 20 Feb 2023 04:32:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5fe58c19bff814596d34c115018a1a30
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:32:03 GMT
ohc-cache-hit: dy2ct107 [1], qdix107 [4]
ohc-file-size: 13682
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500

125.64.104.35

200 OK

23 kB

URL HTTP/2
img1.baidu.com/it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
23 kB (22810 bytes)
Hash
e1eb2a3c8b1228cbd5541ce32726ab4e
28bdce5010cd7d9d9b4e0805495dd73dd9cd9e61
3150c0897b9f9c6342d52a25c5cd223e43fe812fc8055509f749c578a1fb6273

HTTP Headers

GET /it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 22810
expires: Fri, 10 Feb 2023 07:57:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e1eb2a3c8b1228cbd5541ce32726ab4e
age: 37756
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 07:57:48 GMT
ohc-cache-hit: dy2ct116 [4], csix117 [4]
ohc-file-size: 22810
x-cache-status: HIT
X-Firefox-Spdy: h2

img2.baidu.com/it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233

125.74.42.35

200 OK

11 kB

URL HTTP/2
img2.baidu.com/it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233
IP
125.74.42.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 310x233, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10868 bytes)
Hash
0455e81f1a69a311e4bf48ce9639ae20
9dbfa708cd839caecb11f69f923005803ad51c82
3f80bd46279cab3cbb5f029611b8449ff0aab75da1f42ee3ac7a37c3bda6fd2c

HTTP Headers

GET /it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 10868
expires: Sun, 12 Feb 2023 18:30:33 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 0455e81f1a69a311e4bf48ce9639ae20
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 18:30:33 GMT
ohc-cache-hit: lz3ct74 [1], wzix98 [4]
ohc-file-size: 10868
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800

125.64.104.35

200 OK

92 kB

URL HTTP/1.1
img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size
92 kB (91516 bytes)
Hash
69d54b5f725aaa87c8a71a77f4cc38b6
a35fed891e225cd5bfe2754447670bfa4fe42336
2d1986aefbddf89ebb01171bab46b28fcd41d6ad11f962ecf9a0752716373276

HTTP Headers

GET /it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 91516
Connection: keep-alive
Expires: Sun, 05 Mar 2023 14:32:19 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 69d54b5f725aaa87c8a71a77f4cc38b6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 14:32:19 GMT
Ohc-Cache-HIT: dy2ct73 [1], xaix196 [2]
Ohc-File-Size: 91516
X-Cache-Status: MISS

js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d

101.198.192.7

200 OK

117 B

URL HTTP/1.1
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP
101.198.192.7:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
HTML document, ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e

HTTP Headers

GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 16:05:41 GMT
KCS-Via: REVALIDATED from w-fc01.hkht;MISS from w-sc01.hkht
Content-Encoding: gzip

img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889

125.64.104.35

200 OK

36 kB

URL HTTP/2
img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
125.64.104.35:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
36 kB (36472 bytes)
Hash
e39b5668dc23b0158ee938e0c1aa3d15
f49e076f6263487e76f673763ba6a393a8cbd846
301cf935892094b7be50488fbbd48bad966416c74c155e602d6550a68596e9ee

HTTP Headers

GET /it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 36472
expires: Mon, 20 Feb 2023 09:56:29 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e39b5668dc23b0158ee938e0c1aa3d15
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:56:29 GMT
ohc-cache-hit: dy2ct52 [1], wzix52 [4]
ohc-file-size: 36472
x-cache-status: MISS
X-Firefox-Spdy: h2

s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130

180.97.251.250

200 OK

20 B

URL HTTP/2
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP
180.97.251.250:0
ASN
#4134 Chinanet

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 15:31:52 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 15:31:52 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675524712
via: cache18.l2ea120-8[68,67,200-0,M], cache78.l2ea120-8[69,0], cache8.cn2205[0,0,200-0,H], cache14.cn2205[1,0]
age: 1429
x-cache: HIT TCP_HIT dirn:13:837765258
x-swift-savetime: Sat, 04 Feb 2023 15:31:52 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb2a16755261413017195e
X-Firefox-Spdy: h2

s6.qhres2.com/static/ab77b6ea7f3fbf79.js

54.230.111.11

200 OK

478 B

URL HTTP/1.1
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP
54.230.111.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (478), with no line terminators
Size
478 B (478 bytes)
Hash
5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

HTTP Headers

GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pSwIVcAlomjhy_kjhvfYnYGdrqQ5iX1sooKJPfgDH76iJb_rXWt9lg==
Age: 11369236

img2.baidu.com/it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800

180.97.66.35

200 OK

57 kB

URL HTTP/1.1
img2.baidu.com/it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800
IP
180.97.66.35:0
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size
57 kB (56600 bytes)
Hash
6a77f6a2d329a2362fcf361d8b6860cb
fae32c470359625df04efa38b825922b3020db24
9339b7ab972e95c564fafedf2965d6e68529b0fe51fc47817d36cde7efefd19f

HTTP Headers

GET /it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 56600
Connection: keep-alive
Expires: Sun, 12 Feb 2023 12:42:17 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 6a77f6a2d329a2362fcf361d8b6860cb
Age: 506461
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 12:42:17 GMT
Ohc-Cache-HIT: suz2ct57 [4], qdix248 [4]
Ohc-File-Size: 56600
X-Cache-Status: HIT

s.360.cn/so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08

171.13.14.66

200 OK

0 B

URL HTTP/1.1
s.360.cn/so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08
IP
171.13.14.66:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08 HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/

HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 15:55:42 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Thu, 01 Aug 2019 13:00:32 GMT
Connection: keep-alive
ETag: "5d42e270-0"
Accept-Ranges: bytes

12228.url.tudown.com/favicon.ico

154.218.151.71

200 OK

0 B

URL HTTP/1.1
12228.url.tudown.com/favicon.ico
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675526176; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675526176

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:42 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML