r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Sat, 04 Feb 2023 16:31:37 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5259
Expires: Sat, 04 Feb 2023 17:23:15 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 15:43:38 GMT
content-type: application/json
age: 718
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12876
Expires: Sat, 04 Feb 2023 19:30:12 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: M4dxy4YcOX1BzAY1odQT0HyCIXMsSHfKynEgDK1gGMkrgVMzvnF9Jevnn+abnjMZu980LkMgznVaiLRvPdViPA==
x-amz-request-id: N6DDCJ614S60W59Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 15:24:04 GMT
age: 1892
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 15:55:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 15:07:19 GMT
age: 2897
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Sat, 04 Feb 2023 16:34:48 GMT
Date: Sat, 04 Feb 2023 15:55:36 GMT
Connection: keep-alive
12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
154.218.151.71200 OK 6.5 kB URL HTTP/1.1 12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307), with CRLF, LF line terminators
Hash c0feba6f5ccf6f00b8398374d40d1d4c
07bb63d4514085e1a4077c72c34f91abc9d3f9de
afda54f3a9dd7332639056f384a58d7d63735dacb09684621584c122a81ce098
Analyzer Verdict Alert fortinet Malware
GET /down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.203.75.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4dhES68CivsB+/u+D1ad9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OwQdZi2cJIcMu0aDmwaCX7t4sjc=
12228.url.tudown.com/template/company/42xz/css/common.css
154.218.151.71200 OK 1.9 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/css/common.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12228.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 12228.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12228.url.tudown.com/template/company/42xz/js/soft.js
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/js/soft.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12228.url.tudown.com/template/company/42xz/css/soft.css
154.218.151.71200 OK 6.6 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12228.url.tudown.com/uploads/images/800791.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/800791.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/800791.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500
12228.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250
154.218.151.71200 OK 3.8 kB URL HTTP/1.1 12228.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash ed02213cb5a8b9c435beff942aec886e
c3a2d3504ff7f6c9c6d887179496a3b5c468d429
f803288101d17e59978ccda9a47c411643ef2639a7455cbbcd571d10e06e3634
GET /uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250 HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12228.url.tudown.com/template/company/42xz/images/tab_line.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/images/tab_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
12228.url.tudown.com/uploads/images/108747.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/108747.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/108747.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652
12228.url.tudown.com/template/company/42xz/images/dian1.png
154.218.151.71200 OK 1.1 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/images/dian1.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
12228.url.tudown.com/uploads/images/466096.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/466096.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/466096.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/644978.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/644978.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/644978.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21009
Expires: Sat, 04 Feb 2023 21:45:47 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive
12228.url.tudown.com/template/company/42xz/js/jquery.js
154.218.151.71200 OK 46 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:37 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sun, 05 Feb 2023 03:55:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19774
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19774
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19774
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 15:55:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 64194
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 64512
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:30:47 GMT
age: 55491
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 34534
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 64217
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 64771
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12228.url.tudown.com/uploads/images/331151.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/331151.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/331151.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
12228.url.tudown.com/uploads/images/683841.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/683841.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/683841.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/274732.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/274732.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/274732.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500
12228.url.tudown.com/uploads/images/485293.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/485293.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/485293.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
12228.url.tudown.com/uploads/images/459412.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/459412.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/459412.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 81f5c123f4a83e821e1e2f7c4101a7bf
650933ff62323a28072863389d558e213041f68a
5a56d766b7901444e0da4d430348ca3f0ddae9cf26f9bb4f41266c36750572d7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 12:17:24 GMT
ETag: "650933ff62323a28072863389d558e213041f68a"
Last-Modified: Sat, 04 Feb 2023 12:17:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7944977ebea1b4fd-OSL
12228.url.tudown.com/uploads/images/405246.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/405246.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/405246.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483
12228.url.tudown.com/uploads/images/331500.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/331500.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/331500.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12228.url.tudown.com/uploads/images/471925.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/471925.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/471925.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
12228.url.tudown.com/uploads/images/878234.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/878234.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/878234.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496
12228.url.tudown.com/uploads/images/275620.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/275620.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/275620.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 15:55:38 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 15:55:38 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=3B764074B7A4D811B4437DFDD1E4D035:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 15:55:38 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12228.url.tudown.com/uploads/images/248916.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/248916.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/248916.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423
12228.url.tudown.com/uploads/images/812485.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/812485.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/812485.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800
12228.url.tudown.com/uploads/images/716532.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/716532.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/716532.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/831882.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/831882.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/831882.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
12228.url.tudown.com/uploads/images/194626.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/194626.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/194626.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12228.url.tudown.com/uploads/images/897434.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/897434.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/897434.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/793075.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/793075.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/793075.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800
api.share.baidu.com/s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 15:55:39 GMT
12228.url.tudown.com/uploads/images/875584.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/875584.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/875584.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800
12228.url.tudown.com/uploads/images/837538.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/837538.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/837538.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457
12228.url.tudown.com/template/company/42xz/images/dian2.png
154.218.151.71200 OK 1.1 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/images/dian2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
12228.url.tudown.com/uploads/images/371783.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/371783.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/371783.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/701518.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/701518.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/701518.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/646335.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/646335.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/646335.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 19 kB URL HTTP/1.1 t13.baidu.com/it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e3e96965d378fdade70388730a93e48d
58634224b634230ff7e59937fda3b5f11b97e424
83d7d774bac0fc7444b89da9fdf03116c510c134aa218df2509e3f111b8bf0e1
GET /it/u=2974606313,588910300&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 19193
Connection: keep-alive
Expires: Sun, 05 Feb 2023 04:12:33 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e3e96965d378fdade70388730a93e48d
Age: 2054891
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 04:12:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache58 [4], suzix179 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 19193
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124200 OK 59 kB URL HTTP/1.1 t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash e6f8e8c107ef57bb869b14ce1ccb0f70
b7be68398774b4b697e1f48403bf9ed405402a66
13a183e8641e9b8e1cc1eb4afc5337a733b4e3bdb2169affcf12841bd5749888
GET /it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 59190
Connection: keep-alive
Expires: Thu, 16 Feb 2023 07:58:23 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: e6f8e8c107ef57bb869b14ce1ccb0f70
Age: 351029
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 07:58:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache54 [4], wzix101 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59190
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500
185.10.104.124200 OK 19 kB URL HTTP/1.1 t13.baidu.com/it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 412x500, components 3\012- data
Hash c6d175fe907c1ee86f3af0991a13ff54
e3bde11c6f56761c4b6272be24a8dc4db8a8588d
f98c5045c3fc70ff9d20768503a32da107eefd1e8ca3f2c8c82e9d04129cc98f
GET /it/u=1592249628,2848381968&fm=224&app=112&f=JPEG?w=412&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 18939
Connection: keep-alive
Expires: Thu, 02 Mar 2023 10:25:31 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: c6d175fe907c1ee86f3af0991a13ff54
Age: 38478
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 10:25:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache61 [2], xaix216 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 18939
X-Cache-Status: HIT
Timing-Allow-Origin: *
12228.url.tudown.com/uploads/images/244064.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/244064.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/244064.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
12228.url.tudown.com/uploads/images/36828.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/36828.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/36828.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800
12228.url.tudown.com/uploads/images/104740.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/104740.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/104740.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
12228.url.tudown.com/uploads/images/540340.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/540340.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/540340.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash b64027a3157f1c031fc18775966cc25f
0d15ecfd8dab47c4db5d040251ea90dd879a8cc8
2524dbefe29bd734ca870813a9bac06299aa99e3284213055732ed97c8d5f23b
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 15:55:39 GMT
Etag: 94e83698f77ff0b0c9914f059c17be20
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C3DB5BE1E3B25BBB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12228.url.tudown.com/uploads/images/726009.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/726009.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/726009.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
12228.url.tudown.com/uploads/images/909243.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/909243.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/909243.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
125.74.42.35200 OK 36 kB URL HTTP/1.1 img0.baidu.com/it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500
IP 125.74.42.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 5e410e8a12936270f83cdb9d1eee7277
4d90b828b8cfbbc6fa07aba7355f71410017ab7c
fbd28eae165ef8338c9d5d369e99aa2618bd559da8364c1ae05a3d685120a3bf
GET /it/u=2285692188,1662244929&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 35956
Connection: keep-alive
Expires: Mon, 20 Feb 2023 01:28:32 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 5e410e8a12936270f83cdb9d1eee7277
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 01:28:32 GMT
Ohc-Cache-HIT: lz3ct54 [1], xiangyix145 [4]
Ohc-File-Size: 35956
X-Cache-Status: MISS
12228.url.tudown.com/uploads/images/588978.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/588978.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/588978.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233
12228.url.tudown.com/uploads/images/83532.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/83532.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/83532.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/327369.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/327369.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/327369.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/759701.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/759701.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/759701.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 61 kB URL HTTP/1.1 t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c172b25dd77f4eb994525f3168c7529d
858ef51604ba1fb4b7ced90be99caabdac91fe2b
84715b859c9cf24b89e4f218fa38da7b7a9fdf50393ca0b9d5c24d9ffb82f16b
GET /it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 60595
Connection: keep-alive
Expires: Fri, 24 Feb 2023 02:34:13 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: c172b25dd77f4eb994525f3168c7529d
Age: 388318
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 02:34:13 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache52 [1], wzix92 [4]
Ohc-Response-Time: 1 0 0 0 0 1
Ohc-File-Size: 60595
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 8b713e782d4daaaf92b087fa2f128979
a4a673654c0544378aa15e1dfab8c7e64eef8698
15764a19559af6a9aa1a79c435c70e3eb0d5b6ceabfb35c50e3a15539faf63ec
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 13:52:11 GMT
ETag: "a4a673654c0544378aa15e1dfab8c7e64eef8698"
Last-Modified: Sat, 04 Feb 2023 13:52:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3085
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794497894d2afac4-OSL
t13.baidu.com/it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 32 kB URL HTTP/1.1 t13.baidu.com/it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1d5dfa7e5ae268ffa145dd38694a8c67
bcf11bc8f661fad040a7106eae8a55f6030a07bb
23f99eaac666a58e02ada381b710a53743aa8523517794aa4006b12b1e0a3b3f
GET /it/u=361236894,3190973836&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 31885
Connection: keep-alive
Expires: Sat, 25 Feb 2023 09:04:14 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 1d5dfa7e5ae268ffa145dd38694a8c67
Age: 391735
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 26 Jan 2023 09:04:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache63 [4], czix216 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31885
X-Cache-Status: HIT
Timing-Allow-Origin: *
12228.url.tudown.com/uploads/images/249635.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/249635.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/249635.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500
t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 45 kB URL HTTP/1.1 t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 859cbd8ef4d88527a1b937b26b1320ac
07e4e890a3264ca17866ab037bc8db5074a0d1d1
f1b3c9ce9d36f0adf1521fa28890f85298be1220028a8e0234b10b53a54f3d86
GET /it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 44708
Connection: keep-alive
Expires: Sun, 05 Feb 2023 15:48:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 859cbd8ef4d88527a1b937b26b1320ac
Age: 2036216
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 15:48:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache51 [4], wzix76 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44708
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692965646&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692965646&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692965646&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=58366&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 15:55:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=14DB54F85C348085; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.42.35200 OK 85 kB URL HTTP/1.1 img0.baidu.com/it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.42.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 811a6273c99439d55fb17930f2c54de8
8720363bec9e9821ac18f59f33d22b5a5b88706a
91ba07ee76b4ddb565ddefca69535fd37e57231cec88f82874dfbc3002765cd7
GET /it/u=2497883494,3001772174&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 85068
Connection: keep-alive
Expires: Mon, 13 Feb 2023 07:42:23 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 811a6273c99439d55fb17930f2c54de8
Age: 119963
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 07:42:23 GMT
Ohc-Cache-HIT: lz3ct53 [4], xaix196 [2]
Ohc-File-Size: 85068
X-Cache-Status: HIT
12228.url.tudown.com/uploads/images/698226.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/698226.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/698226.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
t15.baidu.com/it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 20 kB URL HTTP/1.1 t15.baidu.com/it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 932061f1df31421a3faa07ae322a9dcd
c60115298f12c388445d0446b61a3a5eb595ecdc
4e27e823c85a02964da5f141cda7629bc7e9d0205414efd2373da15b60d49623
GET /it/u=3815702891,1998969359&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 20494
Connection: keep-alive
Expires: Wed, 22 Feb 2023 03:49:44 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 932061f1df31421a3faa07ae322a9dcd
Age: 910886
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 03:49:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache65 [1], wzix66 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20494
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.42.35200 OK 90 kB URL HTTP/1.1 img0.baidu.com/it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.42.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 2dd65370fe8fd270ac0e00dd4d1619f0
00eab00aee512c1af78b854af8b18c995acfd265
7a70898cfda604230f7a30c0f89a52993d17d0a4aee8c44342d9b3f008a0888d
GET /it/u=3722733904,2331329613&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 89764
Connection: keep-alive
Expires: Sun, 05 Feb 2023 07:16:06 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 2dd65370fe8fd270ac0e00dd4d1619f0
Age: 315393
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 07:16:06 GMT
Ohc-Cache-HIT: lz3ct50 [4], wzix50 [2]
Ohc-File-Size: 89764
X-Cache-Status: HIT
t15.baidu.com/it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496
185.10.104.124200 OK 51 kB URL HTTP/1.1 t15.baidu.com/it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x496, components 3\012- data
Hash d8d68fbaaf0836fcf357512750b3ebbe
42074a74293dcea1e1e7d32997c1e8fe59de4823
95c7976de5d4134bb79fe8f489b95deda6e086930109ca28083a0ae63ea8283a
GET /it/u=3891041186,1727756966&fm=224&app=112&f=JPEG?w=500&h=496 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 50945
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:32:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d8d68fbaaf0836fcf357512750b3ebbe
Age: 2053440
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 12:32:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache52 [4], wzix116 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50945
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 65 kB URL HTTP/1.1 t15.baidu.com/it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 7e7b75b9132046bac7b826a0ba2e8a37
3d59143e6a012e9f962db8b212e553e2fe62903e
79d1d7ea9c1dfdd05fdc803fde559eae8fafbf55014056e72d9b67d86ff94782
GET /it/u=3677239576,645049816&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 64787
Connection: keep-alive
Expires: Tue, 07 Feb 2023 13:48:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7e7b75b9132046bac7b826a0ba2e8a37
Age: 2050617
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 13:48:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache50 [2], bdix222 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 64787
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
125.74.42.35200 OK 40 kB URL HTTP/2 img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 740x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b6847091c66efd9b57bbac1864a9810
19e98b8f651bb9a4ad4581b5515fcea3bded5962
2a9c77319ae0c9ea7a87283ddedca2f16e8263464c13e6c0893ee33e9a65a7e2
GET /it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 40188
expires: Sat, 11 Feb 2023 12:36:24 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5b6847091c66efd9b57bbac1864a9810
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 12:36:24 GMT
ohc-cache-hit: lz3ct86 [1], xaix86 [4]
ohc-file-size: 40188
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
125.74.42.35200 OK 810 B URL HTTP/2 img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 796c7d7f62542860b46d1188ecfe0f01
a2e6823f7ae657afe400847cedc01dd277acf53e
d9c03db5264f2bbe1fb2ebe707a07e4ecf9123f0fc039c1008e00aca96f80468
GET /it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 810
expires: Wed, 22 Feb 2023 01:29:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 796c7d7f62542860b46d1188ecfe0f01
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:29:23 GMT
ohc-cache-hit: lz3ct59 [2], czix174 [4]
ohc-file-size: 810
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
125.74.42.35200 OK 3.9 kB URL HTTP/2 img0.baidu.com/it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed86745018a0ffc7ca51a886ee345e66
e65bb81efd8330a24737f00dca9d2e99325f03de
3e1b3d273bd96d6288a24e26e8aab3610b1af1c1c9a5acab6b6b5e8923464ebc
GET /it/u=2779956460,3482073430&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 3878
expires: Fri, 24 Feb 2023 01:13:53 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ed86745018a0ffc7ca51a886ee345e66
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 01:13:53 GMT
ohc-cache-hit: lz3ct70 [1], qdix219 [4]
ohc-file-size: 3878
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 37 kB URL HTTP/1.1 t15.baidu.com/it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c5a8b758606114ee3aacccdc8d934e7c
13f6031480de8ec2073d4a76428d2fc44dced0a5
df38c2d532f7b6f21429b2b44d63ed696952f48f6fe1f342e5c3c21878332dde
GET /it/u=2821987394,110490927&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 36777
Connection: keep-alive
Expires: Sun, 19 Feb 2023 05:43:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c5a8b758606114ee3aacccdc8d934e7c
Age: 1086896
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 05:43:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache60 [1], czix139 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36777
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.64.104.35200 OK 49 kB URL HTTP/2 img1.baidu.com/it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1239dcecfd8d2ae8581983d523b5a8e
319659f2d9d298ebc183120ddad0e9f16007ab5f
2748ee959cf00d490249eef871f48ee296eee130ad33653140ed87b9ab10b5a4
GET /it/u=3220094201,1000275519&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 48642
expires: Fri, 17 Feb 2023 06:00:34 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: b1239dcecfd8d2ae8581983d523b5a8e
age: 116068
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:00:34 GMT
ohc-cache-hit: dy2ct92 [4], suzix148 [2]
ohc-file-size: 48642
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 58 kB URL HTTP/1.1 t15.baidu.com/it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4eeb45437c65f97fcfef95e28526cbea
31621a45347543c084fcd308af59da83077e56fe
7cd3817830064011a21b47ee966f461f9f8689193b3c8075d69f20a50523cbde
GET /it/u=2381376177,660919647&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 57628
Connection: keep-alive
Expires: Mon, 06 Mar 2023 04:09:43 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4eeb45437c65f97fcfef95e28526cbea
Age: 39985
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 04:09:42 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [1], bdix248 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57628
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457
125.74.42.35200 OK 15 kB URL HTTP/2 img0.baidu.com/it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 610x457, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bed5bc329b1a0956c7ab0c9744ddb34
bad30c37de13815dd2db56ce461e90d4febacc0a
376221946a4b4d932991b2b35d943a8133ac19e4bd4b2289359251ea4783db76
GET /it/u=2466575525,3643079870&fm=253&fmt=auto&app=138&f=JPEG?w=610&h=457 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 15178
expires: Tue, 14 Feb 2023 10:39:37 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 1bed5bc329b1a0956c7ab0c9744ddb34
age: 360033
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 10:39:37 GMT
ohc-cache-hit: lz3ct55 [4], bdix97 [2]
ohc-file-size: 15178
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
125.74.42.35200 OK 1.3 kB URL HTTP/2 img0.baidu.com/it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57242c1a3755a42e8e2c9aeaf2fb97cf
c8ad1e5b7ff69f8c27384dc72b58b057ec802990
f5c94cc47e01b8517274196d2bfba567bd872b91cf6347319a74d25f33261e78
GET /it/u=387372231,631673705&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 1282
expires: Tue, 21 Feb 2023 02:37:21 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 57242c1a3755a42e8e2c9aeaf2fb97cf
age: 1163115
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:37:21 GMT
ohc-cache-hit: lz3ct55 [4], suzix55 [4]
ohc-file-size: 1282
x-cache-status: HIT
X-Firefox-Spdy: h2
12228.url.tudown.com/uploads/images/885998.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/885998.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/885998.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12228.url.tudown.com/uploads/images/121683.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/121683.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/121683.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/527921.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/527921.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/527921.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 32 kB URL HTTP/1.1 t15.baidu.com/it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bee9d0565af3677c2702de54ebd4896c
5ffa3c30a90401d1f04cfc6acf348c6710d50cfc
bd671dc9ad736b85225fc7a7badf13fb7c014067cedc922e05840bf0f6aa3087
GET /it/u=1313633159,3959210303&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 31818
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:57:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bee9d0565af3677c2702de54ebd4896c
Age: 2054611
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:57:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache50 [4], bdix165 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31818
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t13.baidu.com/it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 10177ab97b8f9ad9f42eeed50bcf9058
919b7cd0d69db1323b7d0899290fa9fca306ff6b
dd648e615461d9797148dedd8bb8fa02a355017cd28c74797067638905da7f88
GET /it/u=3571040001,2214739468&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 39684
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:17:58 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 10177ab97b8f9ad9f42eeed50bcf9058
Age: 2053437
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:17:58 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache50 [1], qdix152 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39684
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800
125.64.104.35200 OK 113 kB URL HTTP/1.1 img1.baidu.com/it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 113 kB (113256 bytes)
Hash fe249d1ff29f0dc5a603defde6f44633
7185ea93b5d1238c417b92f552f66e22a52ad627
c8edb99eb76e1e28aceafdb8d5b2464af747267159e9f3143d5782c61d9e6701
GET /it/u=3209097461,3787991228&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 113256
Connection: keep-alive
Expires: Sun, 12 Feb 2023 20:32:21 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: fe249d1ff29f0dc5a603defde6f44633
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 20:32:21 GMT
Ohc-Cache-HIT: dy2ct70 [1], xaix223 [4]
Ohc-File-Size: 113256
X-Cache-Status: MISS
t14.baidu.com/it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 76 kB URL HTTP/1.1 t14.baidu.com/it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 752ee17de51313f42281ac85246c77d4
4210ff388d556b389d7774988b52ba2f343b3e86
62429d09ffdfeb06cd7f23e66dff31ae86a6e500f561e1a6259216f6ae79e7e6
GET /it/u=766409959,604995190&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 75901
Connection: keep-alive
Expires: Fri, 24 Feb 2023 13:51:14 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 752ee17de51313f42281ac85246c77d4
Age: 396231
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 13:51:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache50 [1], czix67 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75901
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
125.64.104.35200 OK 51 kB URL HTTP/2 img1.baidu.com/it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b908bc0120cd8f9516e663fd7229f8a
655cf27ca944682f5e002f628bdf7d9384fbf916
830b37df94e7fda78e5b3645b1001ff8b55827675c412a3f94b5dc0627e93f54
GET /it/u=771112518,1823499522&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 50806
expires: Fri, 17 Feb 2023 06:28:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6b908bc0120cd8f9516e663fd7229f8a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:28:22 GMT
ohc-cache-hit: dy2ct107 [1], czix107 [2]
ohc-file-size: 50806
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
125.64.104.35200 OK 26 kB URL HTTP/2 img1.baidu.com/it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 695be078904b0fdb05e00aaeb5c476a8
5bcb520f0ceef11061d158bf191d8913563f6f6f
989b0c0909f975364ae709b16b9ab5fe47b077a9d59c16c676500291ba0c431b
GET /it/u=2897679726,2719122843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 26380
expires: Mon, 20 Feb 2023 02:23:48 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 695be078904b0fdb05e00aaeb5c476a8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:23:48 GMT
ohc-cache-hit: dy2ct81 [1], bdix81 [4]
ohc-file-size: 26380
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800
125.74.42.35200 OK 238 kB URL HTTP/1.1 img0.baidu.com/it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800
IP 125.74.42.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 238 kB (237534 bytes)
Hash cb6428460700e981a659a89a927d56ce
ffbb3dd498456a3da82cdfef7b769df5518ccc84
4d173a2b4c98045f59bddb94868af4587313448dd974323e8d002d416543dfaa
GET /it/u=2660093577,3768629951&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:39 GMT
Content-Type: image/jpeg
Content-Length: 237534
Connection: keep-alive
Expires: Sat, 11 Feb 2023 12:03:29 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: cb6428460700e981a659a89a927d56ce
Age: 288217
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 12:03:29 GMT
Ohc-Cache-HIT: lz3ct50 [4], czix168 [4]
Ohc-File-Size: 237534
X-Cache-Status: HIT
img0.baidu.com/it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483
125.74.42.35200 OK 40 kB URL HTTP/2 img0.baidu.com/it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 430x483, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45131c270ebf657c4b944fa358d9717a
e3e15f0991c0ff3ffbd38e4a4ce638b2dffd41b7
ee0155940fb836bbb04f50c068e5a16c20f1fc4350800f87d66c88ba5dc3c537
GET /it/u=2444798690,3218566265&fm=253&fmt=auto&app=138&f=JPEG?w=430&h=483 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 40066
expires: Tue, 21 Feb 2023 09:29:26 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 45131c270ebf657c4b944fa358d9717a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:29:26 GMT
ohc-cache-hit: lz3ct73 [1], bdix203 [2]
ohc-file-size: 40066
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2004ef8c87a0967f7e3203376b2db5d0
038201230d6281a3ef872a7a0ec9c0c651ea05a1
e173409d292f631a3b1d8887c3da660ad81e3a029e37fa98a35a1661b318095a
GET /it/u=916988810,3877259477&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 39598
Connection: keep-alive
Expires: Mon, 06 Mar 2023 05:18:08 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 2004ef8c87a0967f7e3203376b2db5d0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 05:18:08 GMT
Ohc-Upstream-Trace: 58.20.204.50
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache50 [4], czix184 [4]
Ohc-Response-Time: 1 0 0 0 335 335
Ohc-File-Size: 39598
X-Cache-Status: MISS
Timing-Allow-Origin: *
img0.baidu.com/it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652
125.74.42.35200 OK 44 kB URL HTTP/2 img0.baidu.com/it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x652, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27b6f8b9467d7822bcc6bf2ebb34e653
6e0dacd474a71c01578e6d8cd9018b68878b4663
a93145ca9501ad7e79918dcb31e71f5d4a941c05283cbcde5a67d914c5aa2d3e
GET /it/u=1980182231,2594883&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=652 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 43694
expires: Fri, 24 Feb 2023 12:30:29 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 27b6f8b9467d7822bcc6bf2ebb34e653
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 12:30:29 GMT
ohc-cache-hit: lz3ct90 [1], czix132 [4]
ohc-file-size: 43694
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
125.74.42.35200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 375x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8f9ce67fd6077d06c8537393119eeb4
356ed4e87413ba9a64bfa1edc9122eacc0388f93
5c98fdd93666e926d506a4b4d426b38b5cd49b17572a78a16d4dd67a7828a0df
GET /it/u=1361956245,2250308732&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 18462
expires: Wed, 22 Feb 2023 13:27:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c8f9ce67fd6077d06c8537393119eeb4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 13:27:47 GMT
ohc-cache-hit: lz3ct61 [1], bdix158 [4]
ohc-file-size: 18462
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500
125.74.42.35200 OK 37 kB URL HTTP/2 img2.baidu.com/it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 801x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f8683e2bc898ed151ae034e564f14d8
46d4cad11b445327b0f8f4d2ef620f5efd73b4b8
c45788b33fe221bc1397702efed93851d76b2b84f3e7c195b7a5f10c611cee11
GET /it/u=3969148414,1844842425&fm=253&fmt=auto&app=138&f=JPEG?w=801&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 36966
expires: Fri, 10 Feb 2023 21:18:43 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 6f8683e2bc898ed151ae034e564f14d8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:18:43 GMT
ohc-cache-hit: lz3ct73 [1], xiangyix73 [4]
ohc-file-size: 36966
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500
125.74.42.35200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 338x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b763f2f696ac7ceafb89e8e2a2b01236
89ff596034a278ed43f089591de0154c83593130
7c35b2eeee36a9ca8d747c3cf4ebf5563c864070beb99aed8a12baca62a32872
GET /it/u=166028379,2365782835&fm=253&fmt=auto&app=138&f=JPEG?w=338&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 16638
expires: Fri, 10 Feb 2023 21:18:26 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: b763f2f696ac7ceafb89e8e2a2b01236
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:18:26 GMT
ohc-cache-hit: lz3ct69 [1], xiangyix69 [4]
ohc-file-size: 16638
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
125.74.42.35200 OK 4.9 kB URL HTTP/2 img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 170x198, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11e0ff068194a43f900eab02108a19b3
41275924e29a24a9a358d4be1322bc85185cd8eb
e1471974f4607a9ce99bf87c0265bcfb0c6e2ef8f7516772f1fd12d066b3119b
GET /it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 4882
expires: Mon, 06 Feb 2023 04:37:09 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 11e0ff068194a43f900eab02108a19b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:37:09 GMT
ohc-cache-hit: lz3ct88 [1], csix88 [4]
ohc-file-size: 4882
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
125.64.104.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dcd362b1ddfc8d68597a59f74d54b570
fdf68f16ea6b6ff1dcf83de8fbc7ef94f0a8c06d
bdec33cdb146c96b089d4f6cf722f875b11ad17ae78f29890b833d3cce3d974e
GET /it/u=1626868025,1214636017&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 28148
expires: Sun, 19 Feb 2023 19:17:01 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: dcd362b1ddfc8d68597a59f74d54b570
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 19:17:01 GMT
ohc-cache-hit: dy2ct51 [1], czix51 [4]
ohc-file-size: 28148
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423
125.64.104.35200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5fe58c19bff814596d34c115018a1a30
e9a49854bb0693acad8b8760eda6e9d6e0a87f89
36cc1d17383ebf5afdfe84ea9487d81d4fd79eefa1632f15a8718976edbb891d
GET /it/u=1237703207,566412402&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=423 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 13682
expires: Mon, 20 Feb 2023 04:32:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5fe58c19bff814596d34c115018a1a30
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:32:03 GMT
ohc-cache-hit: dy2ct107 [1], qdix107 [4]
ohc-file-size: 13682
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
125.64.104.35200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1eb2a3c8b1228cbd5541ce32726ab4e
28bdce5010cd7d9d9b4e0805495dd73dd9cd9e61
3150c0897b9f9c6342d52a25c5cd223e43fe812fc8055509f749c578a1fb6273
GET /it/u=746247332,2521031213&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 22810
expires: Fri, 10 Feb 2023 07:57:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e1eb2a3c8b1228cbd5541ce32726ab4e
age: 37756
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 07:57:48 GMT
ohc-cache-hit: dy2ct116 [4], csix117 [4]
ohc-file-size: 22810
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233
125.74.42.35200 OK 11 kB URL HTTP/2 img2.baidu.com/it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233
IP 125.74.42.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 310x233, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0455e81f1a69a311e4bf48ce9639ae20
9dbfa708cd839caecb11f69f923005803ad51c82
3f80bd46279cab3cbb5f029611b8449ff0aab75da1f42ee3ac7a37c3bda6fd2c
GET /it/u=2109690570,1907821080&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=233 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 10868
expires: Sun, 12 Feb 2023 18:30:33 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 0455e81f1a69a311e4bf48ce9639ae20
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 18:30:33 GMT
ohc-cache-hit: lz3ct74 [1], wzix98 [4]
ohc-file-size: 10868
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
125.64.104.35200 OK 92 kB URL HTTP/1.1 img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 69d54b5f725aaa87c8a71a77f4cc38b6
a35fed891e225cd5bfe2754447670bfa4fe42336
2d1986aefbddf89ebb01171bab46b28fcd41d6ad11f962ecf9a0752716373276
GET /it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:40 GMT
Content-Type: image/jpeg
Content-Length: 91516
Connection: keep-alive
Expires: Sun, 05 Mar 2023 14:32:19 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 69d54b5f725aaa87c8a71a77f4cc38b6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 14:32:19 GMT
Ohc-Cache-HIT: dy2ct73 [1], xaix196 [2]
Ohc-File-Size: 91516
X-Cache-Status: MISS
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
101.198.192.7200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 16:05:41 GMT
KCS-Via: REVALIDATED from w-fc01.hkht;MISS from w-sc01.hkht
Content-Encoding: gzip
img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
125.64.104.35200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e39b5668dc23b0158ee938e0c1aa3d15
f49e076f6263487e76f673763ba6a393a8cbd846
301cf935892094b7be50488fbbd48bad966416c74c155e602d6550a68596e9ee
GET /it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:55:40 GMT
content-type: image/webp
content-length: 36472
expires: Mon, 20 Feb 2023 09:56:29 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e39b5668dc23b0158ee938e0c1aa3d15
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:56:29 GMT
ohc-cache-hit: dy2ct52 [1], wzix52 [4]
ohc-file-size: 36472
x-cache-status: MISS
X-Firefox-Spdy: h2
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
180.97.251.250200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 15:31:52 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 15:31:52 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675524712
via: cache18.l2ea120-8[68,67,200-0,M], cache78.l2ea120-8[69,0], cache8.cn2205[0,0,200-0,H], cache14.cn2205[1,0]
age: 1429
x-cache: HIT TCP_HIT dirn:13:837765258
x-swift-savetime: Sat, 04 Feb 2023 15:31:52 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb2a16755261413017195e
X-Firefox-Spdy: h2
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.11200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.11:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pSwIVcAlomjhy_kjhvfYnYGdrqQ5iX1sooKJPfgDH76iJb_rXWt9lg==
Age: 11369236
img2.baidu.com/it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800
180.97.66.35200 OK 57 kB URL HTTP/1.1 img2.baidu.com/it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800
IP 180.97.66.35:0
ASN #140292 CHINATELECOM Jiangsu province Suzhou 5G network
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash 6a77f6a2d329a2362fcf361d8b6860cb
fae32c470359625df04efa38b825922b3020db24
9339b7ab972e95c564fafedf2965d6e68529b0fe51fc47817d36cde7efefd19f
GET /it/u=3775238570,3433685940&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:55:41 GMT
Content-Type: image/jpeg
Content-Length: 56600
Connection: keep-alive
Expires: Sun, 12 Feb 2023 12:42:17 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 6a77f6a2d329a2362fcf361d8b6860cb
Age: 506461
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 12:42:17 GMT
Ohc-Cache-HIT: suz2ct57 [4], qdix248 [4]
Ohc-File-Size: 56600
X-Cache-Status: HIT
s.360.cn/so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08
171.13.14.66200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08
IP 171.13.14.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08 HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 15:55:42 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Thu, 01 Aug 2019 13:00:32 GMT
Connection: keep-alive
ETag: "5d42e270-0"
Accept-Ranges: bytes
12228.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 12228.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675526176; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675526176
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:55:42 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes