r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7166
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 07:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 07:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6823
Expires: Sat, 04 Feb 2023 09:40:23 GMT
Date: Sat, 04 Feb 2023 07:46:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 07:43:37 GMT
content-type: application/json
age: 183
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nnUZLa38D175ozH3EuTALLMNzbT9k9fVA4FTco0WI02hdYCytZbDIWrnyKoa3ovZVei/r9ezWAU=
x-amz-request-id: 0D8S7RHKW8J7F6YY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 06:52:44 GMT
age: 3236
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 07:46:40 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 07:07:19 GMT
age: 2361
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5752
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 07:46:40 GMT
Connection: keep-alive
12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
154.218.151.71200 OK 8.7 kB URL HTTP/1.1 12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 264bf013489ad67472ecd8d9dc5e4379
1be35cb08d7c73be5b739c588b3e3179a4cced7b
df53af79c0ab1eb71fb2ae798cf8b5c7becd057969dbd91a1c67feabf19ade74
Analyzer Verdict Alert fortinet Malware
GET /down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
35.162.173.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.173.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qd92IG1q+fVqyKaT5vicJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yf1Y+dF+cYkyXDjIcaHZw5eEpuI=
12688.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 12688.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12688.url.tudown.com/template/company/955yx/js/searchword.js
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/js/searchword.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12688.url.tudown.com/template/company/955yx/js/week_rank.js
154.218.151.71200 OK 656 B URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/js/week_rank.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12688.url.tudown.com/template/company/955yx/js/script_index2.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/js/script_index2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12688.url.tudown.com/template/company/955yx/css/gb.css
154.218.151.71200 OK 47 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/css/gb.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12688.url.tudown.com/template/company/955yx/js/api.js
154.218.151.71200 OK 22 B URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/js/api.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12688.url.tudown.com/template/company/955yx/js/gb.js
154.218.151.71200 OK 7.7 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/js/gb.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12688.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
154.218.151.71200 OK 41 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:41 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Sat, 04 Feb 2023 19:46:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2696
Expires: Sat, 04 Feb 2023 08:31:38 GMT
Date: Sat, 04 Feb 2023 07:46:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6419
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:46:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6419
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:46:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6419
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:46:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 34570
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 34569
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 26759
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 35918
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 34392
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 34123
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12688.url.tudown.com/static/api/http://12688.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465414
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12688.url.tudown.com/static/api/http://12688.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465414
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Malware
GET /static/api/http://12688.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465414 HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12688.url.tudown.com/uploads/images/393864.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/393864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/393864.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
12688.url.tudown.com/uploads/images/636131.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/636131.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/636131.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
12688.url.tudown.com/uploads/images/742012.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/742012.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/742012.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400
12688.url.tudown.com/template/company/955yx/images/home.png
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/images/home.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/template/company/955yx/css/gb.css
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
12688.url.tudown.com/uploads/images/797322.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/797322.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/797322.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1454938766,87126873&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
12688.url.tudown.com/uploads/images/155789.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/155789.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/155789.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2778721788,2640188208&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12688.url.tudown.com/uploads/images/77657.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/77657.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/77657.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3473871557,3571894127&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 07:46:42 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 07:46:42 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=0B5F5A96DAD008128E5EAA8497B0DD37:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 07:46:42 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
54.230.111.4200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12688.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Fri, 06 Jan 2023 02:40:18 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Mon, 03 Jan 2033 02:40:18 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nxRQJjrR-10xpSiETBYPgUu8wcUgqcqwsw8Xsx974gpHGdEAlPN3Fg==
age: 2523984
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fd85c457807ba420192d9fdb1e3b2e76
1309191996088c5e1bce3f6d5ca5b8ea2ff489ad
7d1c4dba2f7a95c9ec75b4f5abeb2b9d66abc8650424b896152f4d27fd3b4a8c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:27:25 GMT
ETag: "1309191996088c5e1bce3f6d5ca5b8ea2ff489ad"
Last-Modified: Sat, 04 Feb 2023 06:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2094
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941cb4989f50b49-OSL
12688.url.tudown.com/uploads/images/431627.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/431627.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/431627.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500
12688.url.tudown.com/uploads/images/171467.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/171467.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/171467.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12688.url.tudown.com/uploads/images/521104.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/521104.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/521104.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500
12688.url.tudown.com/uploads/images/109151.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/109151.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/109151.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4102821375,2549610597&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=417
12688.url.tudown.com/uploads/images/458694.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/458694.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/458694.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1401270428,2174509979&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=705
s.360.cn/so/zz.gif?url=http%3A%2F%2F12688.url.tudown.com%2Fdown%2F2017%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%25985.5%25E9%2599%2590%25E9%2580%259F%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%25E4%25B8%258B%25E8%25BD%25BD%40409_19260.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b036f229815_2950f42@dDbB
101.198.2.147200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12688.url.tudown.com%2Fdown%2F2017%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%25985.5%25E9%2599%2590%25E9%2580%259F%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%25E4%25B8%258B%25E8%25BD%25BD%40409_19260.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b036f229815_2950f42@dDbB
IP 101.198.2.147:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12688.url.tudown.com%2Fdown%2F2017%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%25985.5%25E9%2599%2590%25E9%2580%259F%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%25E4%25B8%258B%25E8%25BD%25BD%40409_19260.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b036f229815_2950f42@dDbB HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 31 May 2022 08:31:56 GMT
Connection: keep-alive
ETag: "6295d27c-0"
Accept-Ranges: bytes
12688.url.tudown.com/uploads/images/430623.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/430623.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/430623.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800
api.share.baidu.com/s.gif?l=http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 07:46:43 GMT
12688.url.tudown.com/uploads/images/23079.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/23079.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/23079.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=977569126,1075177452&fm=253&fmt=auto?w=1422&h=800
12688.url.tudown.com/uploads/images/626867.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/626867.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/626867.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2828503894,2715233170&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=282
12688.url.tudown.com/uploads/images/390809.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/390809.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/390809.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800
12688.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675496837333
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 12688.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675496837333
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash fe5b202d74150f848cd1efbd61f0eed2
8b80e51439cdecabdf96c9c1ac628e47e4417d6e
14cfcdf747ed067d0708e47ef1e0143de54610078766d251b0bb27c1aea718d6
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675496837333 HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12688.url.tudown.com/template/company/955yx/images/bgs.png
154.218.151.71200 OK 101 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/images/bgs.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/template/company/955yx/css/gb.css
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:42 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
12688.url.tudown.com/template/company/955yx/images/litterstar.png
154.218.151.71200 OK 1.7 kB URL HTTP/1.1 12688.url.tudown.com/template/company/955yx/images/litterstar.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/template/company/955yx/css/gb.css
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
12688.url.tudown.com/uploads/images/854556.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/854556.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/854556.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
12688.url.tudown.com/uploads/images/84724.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/84724.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/84724.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12688.url.tudown.com/uploads/images/95388.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/95388.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/95388.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500
12688.url.tudown.com/api.php?op=digg&action=show&id=23038
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12688.url.tudown.com/api.php?op=digg&action=show&id=23038
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash ca129d2c01408dfe9c3ad3331c0337de
5f03786a045afd0657df966d006191180c7411ce
6291babaffc2cbcf62281882e3ada7893c531d34a1eed4e2469b62b4eb86a06b
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12688.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 07:46:43 GMT
Etag: a871837c844e0831bc1b35dd077d540f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8C78ADA38BB8ED2C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12688.url.tudown.com/uploads/images/910084.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/910084.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/910084.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1355982821,76492303&fm=253&app=120&f=JPEG?w=1000&h=800
12688.url.tudown.com/uploads/images/759060.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/759060.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/759060.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
12688.url.tudown.com/uploads/images/550127.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/550127.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/550127.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
12688.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71200 OK 8.7 kB URL HTTP/1.1 12688.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 90612b96699e4e386cfe7c320ec01cad
ebb845bd7ba11914fea0723bfe7b98dcf385f8d8
3dbb17324c55887dd337c8396abcd3d41bca6e5dde10371605e33915d38b4df0
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12688.url.tudown.com/uploads/images/692182.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/692182.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/692182.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=926524507,2247053882&fm=224&app=112&f=JPEG?w=500&h=313
12688.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71200 OK 8.5 kB URL HTTP/1.1 12688.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 12457dd80040e2f703389509d0dc64c4
35db87c103712c1e997adbc54522f4529084687e
4982c06e0b00028846b865793bfee2e1dba2ab413efbd6bcb1c5b93ee2979636
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12688.url.tudown.com/uploads/images/812078.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/812078.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/812078.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1083465254,1272113126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=340
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=615777985&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=29028&r=0&ww=1280&u=http%3A%2F%2F12688.url.tudown.com%2Fdown%2F2017%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%25985.5%25E9%2599%2590%25E9%2580%259F%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%25E4%25B8%258B%25E8%25BD%25BD%40409_19260.exe&tt=%E7%9C%9F%E4%BA%BA%E7%94%B3%E6%85%B1(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=615777985&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=29028&r=0&ww=1280&u=http%3A%2F%2F12688.url.tudown.com%2Fdown%2F2017%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%25985.5%25E9%2599%2590%25E9%2580%259F%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%25E4%25B8%258B%25E8%25BD%25BD%40409_19260.exe&tt=%E7%9C%9F%E4%BA%BA%E7%94%B3%E6%85%B1(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=615777985&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=29028&r=0&ww=1280&u=http%3A%2F%2F12688.url.tudown.com%2Fdown%2F2017%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%25985.5%25E9%2599%2590%25E9%2580%259F%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%25E4%25B8%258B%25E8%25BD%25BD%40409_19260.exe&tt=%E7%9C%9F%E4%BA%BA%E7%94%B3%E6%85%B1(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12688.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 07:46:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=14DF4DC5124E3946; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
t14.baidu.com/it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 45 kB URL HTTP/1.1 t14.baidu.com/it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5446a0cc93f154a51580a12b3a81ebe6
8c933e6c93df7f3a8d4c1d7ce0d558dee60369a0
2a3d74952b970ee8e17c8dc42695ab2559df40038d88cc6d5b2dae7a24b98525
GET /it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 44598
Connection: keep-alive
Expires: Sun, 05 Mar 2023 11:30:47 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5446a0cc93f154a51580a12b3a81ebe6
Age: 3822
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 11:30:47 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache59 [1], wzix111 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44598
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 45 kB URL HTTP/1.1 t13.baidu.com/it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 859cbd8ef4d88527a1b937b26b1320ac
07e4e890a3264ca17866ab037bc8db5074a0d1d1
f1b3c9ce9d36f0adf1521fa28890f85298be1220028a8e0234b10b53a54f3d86
GET /it/u=2898336236,3761376480&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 44708
Connection: keep-alive
Expires: Sun, 05 Feb 2023 15:48:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 859cbd8ef4d88527a1b937b26b1320ac
Age: 2006880
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 15:48:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache51 [4], wzix76 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44708
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash edf4ad25ab65fa23ebe15f4bb984b34e
315d82965a037c56262a0977c2a0efd042a0f01c
e0d5c37c5dfe33e9bfa360eb720c7e6d8bd1e25f88d2b69a7cecc196bc1631a7
GET /it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 53640
Connection: keep-alive
Expires: Wed, 15 Feb 2023 22:43:33 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: edf4ad25ab65fa23ebe15f4bb984b34e
Age: 1571629
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 22:43:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache56 [1], qdix174 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53640
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=926524507,2247053882&fm=224&app=112&f=JPEG?w=500&h=313
185.10.104.124200 OK 34 kB URL HTTP/1.1 t14.baidu.com/it/u=926524507,2247053882&fm=224&app=112&f=JPEG?w=500&h=313
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x313, components 3\012- data
Hash 325901f5c93662ccc07142fef0ab6c89
2a9ad9091ff9b6fa2acf6a752e138150ee8d9b0a
ad1b8fcf6ee008519a8da8707c64410db04c2457b877bfd566358fe948585cd6
GET /it/u=926524507,2247053882&fm=224&app=112&f=JPEG?w=500&h=313 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 33845
Connection: keep-alive
Expires: Sat, 04 Mar 2023 11:52:31 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 325901f5c93662ccc07142fef0ab6c89
Age: 2401
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 11:52:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache56 [1], xiangyix171 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33845
X-Cache-Status: HIT
Timing-Allow-Origin: *
12688.url.tudown.com/uploads/images/952392.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/952392.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/952392.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3869744694,1622636043&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
12688.url.tudown.com/uploads/images/328841.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/328841.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/328841.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1619949058,2671436038&fm=224&app=112&f=PNG?w=500&h=500
12688.url.tudown.com/uploads/images/901093.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/901093.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/901093.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2511547763,220038867&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12688.url.tudown.com/uploads/images/693008.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/693008.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/693008.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3337457968,1285208323&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=1619949058,2671436038&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124200 OK 455 kB URL HTTP/1.1 t15.baidu.com/it/u=1619949058,2671436038&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 455 kB (455235 bytes)
Hash e9a861e525dff41b0add6dbfcc20baf6
229e69bcf7f8e542a20931df07fdcffbdb7cefb7
4f0d6720eb31dbeade097144deb4b04e03884ae4db8fab97f755619c82d2b133
GET /it/u=1619949058,2671436038&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/png
Content-Length: 455235
Connection: keep-alive
Expires: Fri, 17 Feb 2023 17:22:43 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e9a861e525dff41b0add6dbfcc20baf6
Age: 540039
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 17:22:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], bduncache78 [3], czix235 [3]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 455235
X-Cache-Status: HIT
Timing-Allow-Origin: *
12688.url.tudown.com/uploads/images/803206.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/803206.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/803206.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1952361642,3467751595&fm=253&fmt=auto&app=138&f=JPEG?w=486&h=900
t15.baidu.com/it/u=3337457968,1285208323&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 49 kB URL HTTP/1.1 t15.baidu.com/it/u=3337457968,1285208323&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a77cc0653b99037c399c3fc52a510bda
1cbabc4535f4f8cc22b93509da36060f6b2549ee
781bb195b6a6c21991f195182e0eb8178666c961baaa047e8688184a6bdd033e
GET /it/u=3337457968,1285208323&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 48913
Connection: keep-alive
Expires: Sun, 05 Feb 2023 03:24:48 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: a77cc0653b99037c399c3fc52a510bda
Age: 2021473
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 03:24:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache57 [2], bdix232 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48913
X-Cache-Status: HIT
Timing-Allow-Origin: *
12688.url.tudown.com/uploads/images/894472.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/894472.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/894472.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img0.baidu.com/it/u=2778721788,2640188208&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
182.242.59.35200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=2778721788,2640188208&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1daf84a59a2dfe8d64015c142d4af772
8dd96a91d831225a5661767c602404494f619302
e19186041d6ab1d41fdec65344ed618d42fc6144711f6ae3d26efa57fd140b25
GET /it/u=2778721788,2640188208&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 11560
expires: Wed, 22 Feb 2023 11:22:37 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 1daf84a59a2dfe8d64015c142d4af772
age: 84292
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 11:22:37 GMT
ohc-cache-hit: km7ct50 [4], xaix200 [2]
ohc-file-size: 11560
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1355982821,76492303&fm=253&app=120&f=JPEG?w=1000&h=800
125.74.40.35200 OK 95 kB URL HTTP/1.1 img2.baidu.com/it/u=1355982821,76492303&fm=253&app=120&f=JPEG?w=1000&h=800
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1000x800, components 3\012- data
Hash 9bfa63baf83200001fa0dcb412700656
a64b3d29af9961e4f383787fe83b754fdbba35b1
ef5ebeff92e6d221de8abcb0c0943b8cd18c5e5f8eb8007ab22d12c351a5a517
GET /it/u=1355982821,76492303&fm=253&app=120&f=JPEG?w=1000&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 95200
Connection: keep-alive
Expires: Tue, 28 Feb 2023 19:18:30 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 9bfa63baf83200001fa0dcb412700656
Age: 2515
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 19:18:30 GMT
Ohc-Cache-HIT: plct58 [4], qdix124 [2]
Ohc-File-Size: 95200
X-Cache-Status: HIT
img0.baidu.com/it/u=1454938766,87126873&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
182.242.59.35200 OK 2.7 kB URL HTTP/2 img0.baidu.com/it/u=1454938766,87126873&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 220x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash edb6f5175ac9b9fcbed575dc01c8b6ee
ec5254453dd819113faf4d71935ac72648fe3705
bf143decaaf3361366cab70a368be1e4a87d7476a2340d9af6bbe07950e8bdf8
GET /it/u=1454938766,87126873&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 2744
expires: Mon, 06 Feb 2023 14:04:35 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: edb6f5175ac9b9fcbed575dc01c8b6ee
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 14:04:35 GMT
ohc-cache-hit: km7ct63 [1], wzix63 [4]
ohc-file-size: 2744
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
125.74.40.35200 OK 62 kB URL HTTP/1.1 img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 09e8e409ceeaf1fbcbd17d303a66265a
1d98edcf4cf77ee1ac9f591af1a6398d18466bf9
55b6464263efa42751a90c05c96b4ea0223175f8e937a655f24d09efa5e1fcb1
GET /it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 62081
Connection: keep-alive
Expires: Mon, 27 Feb 2023 01:43:13 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 09e8e409ceeaf1fbcbd17d303a66265a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 01:43:13 GMT
Ohc-Cache-HIT: plct69 [1], czix206 [2]
Ohc-File-Size: 62081
X-Cache-Status: MISS
img2.baidu.com/it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500
125.74.40.35200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 814x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b77a6663cf2e680e861a3713bdbb9f8
28f8238dc4b0484169215a41ea580548208c64b3
1af95284389bd8ceafa81a19d9da3d652e952e5189bccf1703b8b509566c230c
GET /it/u=3840992693,2172622135&fm=253&fmt=auto&app=138&f=JPEG?w=814&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 25964
expires: Sun, 19 Feb 2023 14:58:36 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 4b77a6663cf2e680e861a3713bdbb9f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 14:58:36 GMT
ohc-cache-hit: plct53 [1], xiangyix179 [2]
ohc-file-size: 25964
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/105244.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/105244.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/105244.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12688.url.tudown.com/uploads/images/483598.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/483598.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/483598.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120
img1.baidu.com/it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
125.74.40.35200 OK 52 kB URL HTTP/2 img1.baidu.com/it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 850cf12d06b3e2380e049ceff4843b49
52b74a00563203f8feaba2ff7a20065ef7ba34c2
1466b0cabb5fc2f4a3d025f6e3893ab4da6198a1535b4556346aa311a45e47f1
GET /it/u=599747228,3100050536&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 51450
expires: Mon, 20 Feb 2023 06:21:02 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 850cf12d06b3e2380e049ceff4843b49
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:21:02 GMT
ohc-cache-hit: plct58 [2], wzix97 [2]
ohc-file-size: 51450
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/724209.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/724209.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/724209.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
img1.baidu.com/it/u=977569126,1075177452&fm=253&fmt=auto?w=1422&h=800
125.74.40.35200 OK 33 kB URL HTTP/2 img1.baidu.com/it/u=977569126,1075177452&fm=253&fmt=auto?w=1422&h=800
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b37c212e96e31ec4af64c50d9a1a8ac1
5abf096d71ae5c21e0ddb0fbfacd347df22c4540
648b048bf0293a98b4bf0e5be39d4dda3edce3c10a927e91cf2a1e922cf8b579
GET /it/u=977569126,1075177452&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 33328
expires: Tue, 14 Feb 2023 08:18:46 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: b37c212e96e31ec4af64c50d9a1a8ac1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:18:46 GMT
ohc-cache-hit: plct63 [1], qdix84 [2]
ohc-file-size: 33328
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/61841.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/61841.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/61841.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500
12688.url.tudown.com/uploads/images/358963.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/358963.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/358963.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1205761215,4062637848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img2.baidu.com/it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.40.35200 OK 117 kB URL HTTP/1.1 img2.baidu.com/it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 117 kB (117416 bytes)
Hash aca8a45af1cbd76ebb8b3de4fb880463
be6b3eafff5e554c501de6e52645edd4f187e156
9723e3e4684816edbb74c2e4808fa7b6260f73bf02fb26b485d77d40e228d63a
GET /it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 117416
Connection: keep-alive
Expires: Sat, 04 Feb 2023 13:56:08 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: aca8a45af1cbd76ebb8b3de4fb880463
Age: 8092
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 13:56:08 GMT
Ohc-Cache-HIT: plct66 [4], xaix211 [4]
Ohc-File-Size: 117416
X-Cache-Status: HIT
img0.baidu.com/it/u=1401270428,2174509979&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=705
182.242.59.35200 OK 38 kB URL HTTP/2 img0.baidu.com/it/u=1401270428,2174509979&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=705
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x705, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a938e4ee94af281b4c60a5050339aab
f99cc6ce123cf5820429017e7e658478cc26bdb9
35dfe2ce516404950594cc745a231683693bc8c579e18731cb55ed6bfcc8d4e7
GET /it/u=1401270428,2174509979&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=705 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 37688
expires: Fri, 17 Feb 2023 07:03:56 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 1a938e4ee94af281b4c60a5050339aab
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 07:03:56 GMT
ohc-cache-hit: km7ct57 [1], xaix57 [4]
ohc-file-size: 37688
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/397281.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/397281.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/397281.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1273602492,3468075043&fm=253&fmt=auto?w=120&h=80
img2.baidu.com/it/u=1952361642,3467751595&fm=253&fmt=auto&app=138&f=JPEG?w=486&h=900
125.74.40.35200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=1952361642,3467751595&fm=253&fmt=auto&app=138&f=JPEG?w=486&h=900
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 486x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a73bcf8db7b9ad99db62802a665cdecd
5798b0cf4d09c71dc60129d7151f031fccf87d8d
b0ccf8a572d8fa8e61bc7dd1a1d6d66514665b7c3fa2359c0ca907abfcf956ce
GET /it/u=1952361642,3467751595&fm=253&fmt=auto&app=138&f=JPEG?w=486&h=900 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 27044
expires: Fri, 17 Feb 2023 09:32:18 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a73bcf8db7b9ad99db62802a665cdecd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 09:32:18 GMT
ohc-cache-hit: plct58 [1], wzix109 [2]
ohc-file-size: 27044
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800
182.242.59.35200 OK 154 kB URL HTTP/1.1 img0.baidu.com/it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 154 kB (154234 bytes)
Hash c5b5892f42da7ecc3be2b997e89bff86
3394682d07078dc4aea97b6bad70b6a6a49724fe
2663dfecb4c615594440fa13db850d6c8fa2525d7f76686ce3e3c246848516a7
GET /it/u=3504917604,3676394702&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:44 GMT
Content-Type: image/jpeg
Content-Length: 154234
Connection: keep-alive
Expires: Sun, 12 Feb 2023 18:51:11 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: c5b5892f42da7ecc3be2b997e89bff86
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 18:51:11 GMT
Ohc-Cache-HIT: km7ct75 [2], xaix96 [4]
Ohc-File-Size: 154234
X-Cache-Status: MISS
img0.baidu.com/it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.242.59.35200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06e32e2cbccfeb9507286a2dff20a232
a7bc9ed8ae3e59eccb78c1eb85880a442fbf2d83
3231614da221c93f6eab7012d150e60f6f67cdd7ee71676fa02e0e2916bddec1
GET /it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 15968
expires: Fri, 24 Feb 2023 00:44:38 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 06e32e2cbccfeb9507286a2dff20a232
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 00:44:38 GMT
ohc-cache-hit: km7ct81 [1], bdix192 [4]
ohc-file-size: 15968
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2828503894,2715233170&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=282
182.242.59.35200 OK 3.9 kB URL HTTP/2 img0.baidu.com/it/u=2828503894,2715233170&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=282
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x282, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bdc850d90f29881cf492ebc6d810b911
0f54d586a32bf8065e1d75158064b6cb36ce6eb4
686f064fdc4104dcc0d6bfb57208bcbe9a904269a40b1b184a8bb8d1084cad24
GET /it/u=2828503894,2715233170&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=282 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 3854
expires: Wed, 22 Feb 2023 02:41:35 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: bdc850d90f29881cf492ebc6d810b911
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:41:35 GMT
ohc-cache-hit: km7ct80 [1], suzix248 [2]
ohc-file-size: 3854
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3473871557,3571894127&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
125.74.40.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=3473871557,3571894127&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b02551b66ab580713471fbf1a52cf8e
0aa895be030fd15bb3f4e0e66108c97cdf5dcb9f
594742d560951fcabd19f17c68d4218aba78ca30c514f63c217a626ba06b2d40
GET /it/u=3473871557,3571894127&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 27804
expires: Tue, 07 Feb 2023 06:58:53 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 1b02551b66ab580713471fbf1a52cf8e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 06:58:53 GMT
ohc-cache-hit: plct61 [1], bdix246 [4]
ohc-file-size: 27804
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
125.74.40.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47ad6cc1b07f19953b54e7d08cd2ee1b
9181bf6020a72d36140642354f4e8b32052519dd
54a6a9c78f576c85e1702c7d0dd15260844e309c200ef492d4de8be3f0e788b9
GET /it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 20408
expires: Tue, 21 Feb 2023 01:40:10 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 47ad6cc1b07f19953b54e7d08cd2ee1b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 01:40:10 GMT
ohc-cache-hit: plct54 [1], suzix136 [4]
ohc-file-size: 20408
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
125.74.40.35200 OK 10 kB URL HTTP/2 img1.baidu.com/it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3b1cc5368673b2598ca04fcfa94922b
74c04d2ba2e07084b69b1a28a071972cc2b8e7d7
79349cfd0c35914fa875cf87b02e7d7b0614564731290544426562ec378b34a5
GET /it/u=3071123345,2295429321&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 10442
expires: Tue, 14 Feb 2023 00:15:14 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: d3b1cc5368673b2598ca04fcfa94922b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 00:15:14 GMT
ohc-cache-hit: plct62 [1], xaix190 [2]
ohc-file-size: 10442
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1083465254,1272113126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=340
125.74.40.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=1083465254,1272113126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=340
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x340, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e74c59a71de46a7844aa534d648b105a
229a5f8e5992b4d3d9955a21c70d98a382a1b8c5
cca7f18648a68c0445d31826dc4d326581656d855064a0ece1832e905729ee22
GET /it/u=1083465254,1272113126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=340 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 16910
expires: Thu, 02 Mar 2023 02:54:11 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e74c59a71de46a7844aa534d648b105a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 02:54:11 GMT
ohc-cache-hit: plct60 [1], qdix221 [4]
ohc-file-size: 16910
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/734293.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/734293.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/734293.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=870196446,3174233940&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=664
12688.url.tudown.com/uploads/images/684726.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/684726.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/684726.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=52770355,1455149456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
img2.baidu.com/it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500
125.74.40.35200 OK 16 kB URL HTTP/1.1 img2.baidu.com/it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 264x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af05748af737c2b991c64190f5a7c6df
6495aaf1bc152cec54bb8ce813b93b6cf9292717
000560ca325a432534da07b6d95cfba7a4e0d9a670ed0c79782fb4acf6d9817d
GET /it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/webp
Content-Length: 15708
Connection: keep-alive
Expires: Mon, 20 Feb 2023 06:49:59 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: af05748af737c2b991c64190f5a7c6df
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 06:49:59 GMT
Ohc-Cache-HIT: plct68 [1], czix91 [2]
Ohc-File-Size: 15708
X-Cache-Status: MISS
img0.baidu.com/it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400
182.242.59.35200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 349x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13151e80bd2bc68837d89c8c314f98ea
58a74e8ff749747b03f0c9ed48ae5d9c1ab6577d
432646d5ddb723c144f55ab474b71876c5dff8edc8f236ce6fb20e3f3a2d1d28
GET /it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 30068
expires: Wed, 22 Feb 2023 02:45:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 13151e80bd2bc68837d89c8c314f98ea
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:45:23 GMT
ohc-cache-hit: km7ct63 [1], bdix144 [4]
ohc-file-size: 30068
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/565918.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/565918.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/565918.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3864745994,516937597&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.74.40.35200 OK 40 kB URL HTTP/2 img2.baidu.com/it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c15de9488c905a120609702c9040a4b
bb760db3c5093808a01577f1c43fb2ded60a1181
e8ac97bc6bc733519bd19d874ea5fd5b4f73ef5e5b39a2f50858f1c511b5ba35
GET /it/u=2395898416,1457217133&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 39462
expires: Fri, 10 Feb 2023 21:16:43 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9c15de9488c905a120609702c9040a4b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:16:43 GMT
ohc-cache-hit: plct69 [1], wzix85 [4]
ohc-file-size: 39462
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/976978.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/976978.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/976978.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3293541531,817802568&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12688.url.tudown.com/uploads/images/538266.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/538266.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/538266.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img2.baidu.com/it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.74.40.35200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21101cfb3a9b4f1579d5b1c9ce352960
54e45aa443a60626526f7ee794288c346a42cb1e
b5f7d7744c5f2ffc322cf028286e0e0698d62f6c95b7a364ba7f19c9db7d1c9d
GET /it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 18824
expires: Fri, 10 Feb 2023 19:31:04 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 21101cfb3a9b4f1579d5b1c9ce352960
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 19:31:04 GMT
ohc-cache-hit: plct56 [1], csix56 [4]
ohc-file-size: 18824
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1273602492,3468075043&fm=253&fmt=auto?w=120&h=80
125.74.40.35200 OK 2.5 kB URL HTTP/2 img2.baidu.com/it/u=1273602492,3468075043&fm=253&fmt=auto?w=120&h=80
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af43ef62f3eae99702bfd62875061d87
75bba11f425552902749c5f322cc41e341fdf98c
5d871185ca626e181caf0938345dbe23d65acd6951e8349f6bd19ebd750a5791
GET /it/u=1273602492,3468075043&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 2544
expires: Fri, 10 Feb 2023 10:59:55 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: af43ef62f3eae99702bfd62875061d87
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 10:59:55 GMT
ohc-cache-hit: plct68 [1], xiangyix221 [4]
ohc-file-size: 2544
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/283562.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/283562.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/283562.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3257038806,865507382&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=3257038806,865507382&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 21 kB URL HTTP/1.1 t15.baidu.com/it/u=3257038806,865507382&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b22d2fa358f0188be1d4e302b823b5ea
4dfc8e70736b160b12ca78a9004aece4023c821b
43daa1faac518e5813156e446873ae4943e7dca1fd85ef76390169afd45abb67
GET /it/u=3257038806,865507382&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpeg
Content-Length: 20695
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:13:40 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: b22d2fa358f0188be1d4e302b823b5ea
Age: 2022401
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 02:13:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache57 [4], czix135 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20695
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=4102821375,2549610597&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=417
182.242.59.35200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=4102821375,2549610597&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=417
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fecb4f0ac9989bb5d221ff3366a3a99e
e634b82751a5c46ec62136a760a718297dcd2428
3f89d1e1871755b322b69075bf1cb2660c863f00bb40ebac4ef23c6aa33d9089
GET /it/u=4102821375,2549610597&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=417 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 24104
expires: Wed, 01 Mar 2023 12:50:39 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: fecb4f0ac9989bb5d221ff3366a3a99e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 12:50:39 GMT
ohc-cache-hit: km7ct65 [1], wzix99 [4]
ohc-file-size: 24104
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=870196446,3174233940&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=664
125.74.40.35200 OK 10 kB URL HTTP/2 img2.baidu.com/it/u=870196446,3174233940&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=664
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x664, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 43cd8a9bbd76ac4f7afd6d3e0f7abf3c
dc4c611b58e9bae947153438e72c156d6fc95a78
88bbd959a6ddf6b08d76b57130daeeaaa3fec69d85ce8ae0ca0f4070a9f1725c
GET /it/u=870196446,3174233940&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=664 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 10272
expires: Sun, 26 Feb 2023 02:46:14 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 43cd8a9bbd76ac4f7afd6d3e0f7abf3c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 02:46:14 GMT
ohc-cache-hit: plct69 [1], czix178 [4]
ohc-file-size: 10272
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1205761215,4062637848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.74.40.35200 OK 51 kB URL HTTP/2 img1.baidu.com/it/u=1205761215,4062637848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e32b3b103ce6fe4bb56b2eafb9fa231
1f1c36a951093284635d9db9bafee00ed88e56e7
e9ccfcba39055c34053499ae95ed0319d941de7c659345642a9b94f0bc093f19
GET /it/u=1205761215,4062637848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 50964
expires: Fri, 24 Feb 2023 10:16:18 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 8e32b3b103ce6fe4bb56b2eafb9fa231
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 10:16:18 GMT
ohc-cache-hit: plct50 [1], csix50 [2]
ohc-file-size: 50964
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
182.242.59.35200 OK 49 kB URL HTTP/2 img0.baidu.com/it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3fe1b9fbb0e78b2c74dec7a30fb7cc5b
f21e64426105488e039ea698d4e4e749863a5751
6a273f4e23f26dcb0647acd40e2d25b1a8f02fe966c13de7f4093659e215d6a2
GET /it/u=2440319501,258488184&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 49088
expires: Mon, 20 Feb 2023 02:36:07 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3fe1b9fbb0e78b2c74dec7a30fb7cc5b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:36:07 GMT
ohc-cache-hit: km7ct79 [1], suzix104 [4]
ohc-file-size: 49088
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/logo.png?n=4s4ltzfytts3raxhss26llmq46tzdzukqdsy5aq&w=250
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 12688.url.tudown.com/uploads/images/logo.png?n=4s4ltzfytts3raxhss26llmq46tzdzukqdsy5aq&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 6df8bc31431d68c0a5265ad7b9eb37e9
ac651f3615e2e186c582c9a0b8c1d71a86dd0f19
cc547979924c0a2df344f015f6ef06379f8ad4133f642a93b02c853381ed427a
GET /uploads/images/logo.png?n=4s4ltzfytts3raxhss26llmq46tzdzukqdsy5aq&w=250 HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12688.url.tudown.com/uploads/images/295767.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/295767.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/295767.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1091251535,1000523555&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=600
img0.baidu.com/it/u=3869744694,1622636043&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
182.242.59.35200 OK 45 kB URL HTTP/2 img0.baidu.com/it/u=3869744694,1622636043&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f28e1f0c7890b8635eebd6cc57dcfa0b
26419dccce5bf8543b8d9492794cfd2de5763ade
390c0a9ba2a48e7ef76046ade139281a9556272a3df5ebba738e5cdcda479843
GET /it/u=3869744694,1622636043&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 45380
expires: Sat, 04 Mar 2023 04:21:12 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: f28e1f0c7890b8635eebd6cc57dcfa0b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 04:21:12 GMT
ohc-cache-hit: km7ct68 [1], qdix225 [4]
ohc-file-size: 45380
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2511547763,220038867&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
182.242.59.35200 OK 5.6 kB URL HTTP/2 img0.baidu.com/it/u=2511547763,220038867&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6d16086642899cfbb0ca21c7e9cad4d1
2ab6a0674e7950d2cbaf43abe48f05d4013202f8
038560accd397f087de750de0837274d5c650346b2d607799654a54d2ff4e690
GET /it/u=2511547763,220038867&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:44 GMT
content-type: image/webp
content-length: 5560
expires: Sat, 04 Mar 2023 04:01:37 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 6d16086642899cfbb0ca21c7e9cad4d1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 04:01:37 GMT
ohc-cache-hit: km7ct79 [1], csix106 [4]
ohc-file-size: 5560
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120
182.242.59.35200 OK 1.6 kB URL HTTP/2 img0.baidu.com/it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 788077e0be82b7124a0eb4e67b3d44f3
1dbac363a159c0dde67f3e8cc636de1d29a8597a
8ca8008d933b4b1daafc86b769f12904b69427cf29eb242613922caeb2b0b548
GET /it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 1632
expires: Mon, 06 Feb 2023 03:59:29 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 788077e0be82b7124a0eb4e67b3d44f3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 03:59:28 GMT
ohc-cache-hit: km7ct50 [1], qdix136 [2]
ohc-file-size: 1632
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3864745994,516937597&fm=253&app=120&f=JPEG?w=1280&h=800
182.242.59.35200 OK 107 kB URL HTTP/1.1 img0.baidu.com/it/u=3864745994,516937597&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 107 kB (107333 bytes)
Hash 3ede25f3e869037549c3d37689cbacff
99717cdefc8d91cb7e53bb9e67eebff96bb5d5a9
ff70a60e8c3f4c9071f3dee3be7e166210dd9e554eb7b8b8b27b98edb1519090
GET /it/u=3864745994,516937597&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpeg
Content-Length: 107333
Connection: keep-alive
Expires: Thu, 09 Feb 2023 01:54:55 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 3ede25f3e869037549c3d37689cbacff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 01:54:55 GMT
Ohc-Cache-HIT: km7ct65 [1], xiangyix100 [2]
Ohc-File-Size: 107333
X-Cache-Status: MISS
img2.baidu.com/it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
125.74.40.35200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5c79f62556b957935cda232e14452cb3
f746167265ab9ced84957c542e0573942b59e0ed
49a47e1dcde433ba52c58c3d0cbbe6a8eda04dc51d85883beae1982ae7d308fe
GET /it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 26116
expires: Thu, 23 Feb 2023 13:49:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5c79f62556b957935cda232e14452cb3
age: 170324
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 13:49:22 GMT
ohc-cache-hit: plct70 [4], wzix70 [4]
ohc-file-size: 26116
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=52770355,1455149456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
182.242.59.35200 OK 37 kB URL HTTP/2 img0.baidu.com/it/u=52770355,1455149456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x375, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c40fb77d6062fa389c367d533be75a01
6e5c3e98cb5bcea6461ddec03dedd368e4502072
c9ab08b11c339c126ed66e4c640d66bd0fda37ad01be4e0ec8c186bdbcd37866
GET /it/u=52770355,1455149456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 36892
expires: Fri, 24 Feb 2023 13:30:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c40fb77d6062fa389c367d533be75a01
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 13:30:58 GMT
ohc-cache-hit: km7ct56 [1], czix138 [4]
ohc-file-size: 36892
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/588606.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/588606.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/588606.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1365399693,1774870876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
img0.baidu.com/it/u=3293541531,817802568&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
182.242.59.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=3293541531,817802568&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45b5a93cbd2192315bf6a530678372d3
59592d5dff2ecea7b3a799e97a826fb0b02333df
13f833668d45ba7be5d231a7b3be9b6d702e56edae805cd782fcc5c9c02658db
GET /it/u=3293541531,817802568&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 16634
expires: Thu, 09 Feb 2023 14:28:41 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 45b5a93cbd2192315bf6a530678372d3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 14:28:41 GMT
ohc-cache-hit: km7ct74 [1], qdix74 [2]
ohc-file-size: 16634
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/738047.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/738047.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/738047.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
12688.url.tudown.com/uploads/images/16525.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/16525.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/16525.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2005511031,364246486&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
12688.url.tudown.com/uploads/images/889747.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/889747.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/889747.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3760491114,4245030988&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
125.74.40.35200 OK 70 kB URL HTTP/1.1 img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash b9c425cadab90fe2f59fd2e873db00a4
128d4b541462eae7d1fc1cff427aeff815d61fa4
5629cf882b1527444494e5b446793c3c880a94b9c6e9fd21b5f068f9cf833952
GET /it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpeg
Content-Length: 70213
Connection: keep-alive
Expires: Fri, 24 Feb 2023 13:09:46 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: b9c425cadab90fe2f59fd2e873db00a4
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 13:09:46 GMT
Ohc-Cache-HIT: plct51 [1], bdix94 [2]
Ohc-File-Size: 70213
X-Cache-Status: MISS
t13.baidu.com/it/u=3760491114,4245030988&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 36 kB URL HTTP/1.1 t13.baidu.com/it/u=3760491114,4245030988&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9097ba5ae1f3307da053615704188738
68fb6a3a86627ee94994a1147849fc9293ddc15a
a0a56d0c179ec7a7cb9ba6180eeb9d1242edcbd98cb29f47f3289956ba9cc289
GET /it/u=3760491114,4245030988&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpeg
Content-Length: 36438
Connection: keep-alive
Expires: Fri, 24 Feb 2023 04:44:21 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9097ba5ae1f3307da053615704188738
Age: 539238
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 04:44:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache55 [1], bdix246 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36438
X-Cache-Status: HIT
Timing-Allow-Origin: *
12688.url.tudown.com/uploads/images/842351.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/842351.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842351.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=625876536,3385897261&fm=253&app=120&f=JPEG?w=200&h=200
12688.url.tudown.com/uploads/images/698117.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/698117.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/698117.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=4155613677,3247523822&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=4155613677,3247523822&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 20 kB URL HTTP/1.1 t13.baidu.com/it/u=4155613677,3247523822&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bc35d7df364928e6a566608ad7d5a326
893a9277508d645c6ce8ac7382783de7f7387b62
9228d8f5948791f4fb31cdfa9fae0d7137ddb9dcdc55debba6e2cd014dafb484
GET /it/u=4155613677,3247523822&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpeg
Content-Length: 19880
Connection: keep-alive
Expires: Wed, 08 Feb 2023 07:20:06 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: bc35d7df364928e6a566608ad7d5a326
Age: 357740
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 07:20:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache50 [1], qdix203 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 19880
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1091251535,1000523555&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=600
125.74.40.35200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=1091251535,1000523555&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=600
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash acd9b4de2346208daa34f5988492d631
f5d90716684f2e85ce4a60e1a602cd240e0d2e1d
4654cf6da3efb9d27194fa4b08b81e9632f59c5d385e8034230128dcb7361481
GET /it/u=1091251535,1000523555&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=600 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:45 GMT
content-type: image/webp
content-length: 30064
expires: Sun, 26 Feb 2023 04:32:00 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: acd9b4de2346208daa34f5988492d631
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 04:32:00 GMT
ohc-cache-hit: plct70 [1], czix221 [2]
ohc-file-size: 30064
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/412433.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/412433.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/412433.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=621327392,656608481&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
12688.url.tudown.com/uploads/images/222129.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/222129.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/222129.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3132515683,324514116&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737
12688.url.tudown.com/uploads/images/189894.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/189894.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/189894.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1910389554,3497051872&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=1910389554,3497051872&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 34 kB URL HTTP/1.1 t15.baidu.com/it/u=1910389554,3497051872&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6aa7d2d3f1475f540e983bf66298ae28
bd9483efb727f0bf9ef7a178b2d9ba190473df4f
e1cdbb2f6de96000e8012d021d5f0241a97056d9c3a460c245b652b2e1435bab
GET /it/u=1910389554,3497051872&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpeg
Content-Length: 33662
Connection: keep-alive
Expires: Sun, 12 Feb 2023 08:01:44 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 6aa7d2d3f1475f540e983bf66298ae28
Age: 1857459
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 08:01:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache55 [4], czix244 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33662
X-Cache-Status: HIT
Timing-Allow-Origin: *
12688.url.tudown.com/uploads/images/288944.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/288944.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/288944.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:45 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3603476578,2862965958&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
img2.baidu.com/it/u=625876536,3385897261&fm=253&app=120&f=JPEG?w=200&h=200
125.74.40.35200 OK 4.1 kB URL HTTP/1.1 img2.baidu.com/it/u=625876536,3385897261&fm=253&app=120&f=JPEG?w=200&h=200
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash bda1d5c321e8689fca058bdf683b676f
c11eefa3b96cd9fddf8196906b5f842765a8b3a7
8a1eda26196b90351dc3f5e136050cb473fd676716aa26496dd463d3e9338317
GET /it/u=625876536,3385897261&fm=253&app=120&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpeg
Content-Length: 4121
Connection: keep-alive
Expires: Tue, 14 Feb 2023 04:48:10 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bda1d5c321e8689fca058bdf683b676f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 04:48:10 GMT
Ohc-Cache-HIT: plct61 [1], suzix61 [4]
Ohc-File-Size: 4121
X-Cache-Status: MISS
img1.baidu.com/it/u=1365399693,1774870876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
125.74.40.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=1365399693,1774870876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x375, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 09616925a4f5519ce8172c84e1498bf3
b1edb8bacc86ade4cf73fc72cb6c5f6dae0f5c72
32c4519c33850c9f04c2900c749983d4d8292d2f31b0f263519405e6d5c46381
GET /it/u=1365399693,1774870876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 28076
expires: Tue, 21 Feb 2023 05:16:08 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 09616925a4f5519ce8172c84e1498bf3
age: 486
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:16:08 GMT
ohc-cache-hit: plct65 [4], czix205 [2]
ohc-file-size: 28076
x-cache-status: HIT
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/234887.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/234887.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/234887.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
img1.baidu.com/it/u=2005511031,364246486&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
125.74.40.35200 OK 18 kB URL HTTP/2 img1.baidu.com/it/u=2005511031,364246486&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0973bca1a75fa675bc91e3b2d6a7037
be4651e321ec3bc965b0eede1512dc256bf7d6ca
d45548c10993b289286865c128620ad36f0054d372b8bd1a980b2d95aecfe95e
GET /it/u=2005511031,364246486&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 18276
expires: Tue, 28 Feb 2023 03:32:11 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f0973bca1a75fa675bc91e3b2d6a7037
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 03:32:11 GMT
ohc-cache-hit: plct73 [1], xiangyix165 [4]
ohc-file-size: 18276
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/929656.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/929656.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/929656.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3176829337,1864742347&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12688.url.tudown.com/uploads/images/35172.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/35172.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/35172.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3449383363,1567123153&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=3132515683,324514116&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737
182.242.59.35200 OK 45 kB URL HTTP/2 img0.baidu.com/it/u=3132515683,324514116&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x737, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5084274249777a46e3b40836d27085a1
393587b5535e878c38801cbbebc92d40b5972ae1
6bdd26c7558836920015e2c70d449c46f9aad6f3317b9f0191ba591bc4907284
GET /it/u=3132515683,324514116&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 45008
expires: Fri, 17 Feb 2023 06:04:33 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 5084274249777a46e3b40836d27085a1
age: 173999
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:04:33 GMT
ohc-cache-hit: km7ct63 [4], suzix170 [2]
ohc-file-size: 45008
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3449383363,1567123153&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 49 kB URL HTTP/1.1 t15.baidu.com/it/u=3449383363,1567123153&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 071f1ed7211a8708e6826de65e1876ed
8283c1e824fb1f6960425ae39d6ab749db77fe84
d6d50f22434fa6b87b57bd2dc1a56e6c042b187e3b477516e60b89b2faab4d2e
GET /it/u=3449383363,1567123153&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpeg
Content-Length: 49312
Connection: keep-alive
Expires: Thu, 23 Feb 2023 13:33:38 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 071f1ed7211a8708e6826de65e1876ed
Age: 708427
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 13:33:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache56 [1], bdix214 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49312
X-Cache-Status: HIT
Timing-Allow-Origin: *
12688.url.tudown.com/uploads/images/721772.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/721772.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/721772.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
12688.url.tudown.com/uploads/images/717755.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/717755.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/717755.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2042280570,4175282921&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=795
img0.baidu.com/it/u=621327392,656608481&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
182.242.59.35200 OK 33 kB URL HTTP/2 img0.baidu.com/it/u=621327392,656608481&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x681, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5d3957bceeaa4f3512f2dff41b5f157
ff357426662fc18c7855e9a17b7ca35081ee4a51
4f768d63c47637b9a354be4c843428471e89bf366cc437dff9af652d39fea011
GET /it/u=621327392,656608481&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 33312
expires: Thu, 09 Feb 2023 16:37:56 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c5d3957bceeaa4f3512f2dff41b5f157
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 16:37:56 GMT
ohc-cache-hit: km7ct69 [1], csix100 [2]
ohc-file-size: 33312
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3603476578,2862965958&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
125.74.40.35200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=3603476578,2862965958&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 354x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57fd5efaf2513fd5d81f01ed6e2215ff
f5fec31a9173167dd21db44800904d6f2f038c66
2a8d2ce81845b238ce8f856ad0869c1052937b9251e44906229bc6bb5c214c9c
GET /it/u=3603476578,2862965958&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 26788
expires: Sat, 04 Mar 2023 01:21:28 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 57fd5efaf2513fd5d81f01ed6e2215ff
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 01:21:28 GMT
ohc-cache-hit: plct65 [1], csix65 [2]
ohc-file-size: 26788
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/uploads/images/673611.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12688.url.tudown.com/uploads/images/673611.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/673611.jpg HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3050098561,2661693437&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
125.74.40.35200 OK 99 kB URL HTTP/2 img1.baidu.com/it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e301f5beee92a620094d9c25693102f5
c082aa755295de208287c0604bf9fe89a797d677
7b56bd13ecc97a7c45e1af105e18e98d2a44ebdce7d133eea4ade5c586e47bd8
GET /it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 98974
expires: Tue, 28 Feb 2023 13:55:03 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e301f5beee92a620094d9c25693102f5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 13:55:03 GMT
ohc-cache-hit: plct58 [1], csix91 [2]
ohc-file-size: 98974
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
182.242.59.35200 OK 4.4 kB URL HTTP/2 img0.baidu.com/it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 220x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd9b711166b15a6d4f5a84a282d01387
962ecd3b3feae8ac57678a9e1fedecc7866a07b0
a6cb57b8a8c5332b0657410757a3f9bb67965670cb0ac44f530266fc5eb23b27
GET /it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 4416
expires: Sun, 05 Feb 2023 02:10:50 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: dd9b711166b15a6d4f5a84a282d01387
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 02:10:50 GMT
ohc-cache-hit: km7ct65 [1], wzix66 [4]
ohc-file-size: 4416
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3176829337,1864742347&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
125.74.40.35200 OK 66 kB URL HTTP/1.1 img2.baidu.com/it/u=3176829337,1864742347&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a0059e7089cc1dad2c73edb2aa74026
3821672754b456e1f45bfecff9e3180befe76200
e449b9c15fad6355c70eab5c80c2b0f49747b5aeefcf53a9e5221a158da34838
GET /it/u=3176829337,1864742347&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/webp
Content-Length: 65776
Connection: keep-alive
Expires: Wed, 01 Mar 2023 05:54:00 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 8a0059e7089cc1dad2c73edb2aa74026
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 30 Jan 2023 05:54:00 GMT
Ohc-Cache-HIT: plct65 [1], qdix102 [2]
Ohc-File-Size: 65776
X-Cache-Status: MISS
img0.baidu.com/it/u=2042280570,4175282921&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=795
182.242.59.35200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=2042280570,4175282921&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=795
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x795, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 786cca404e07e70d57b1c21a51463eb0
666e109239da8f0546c5cea1d2e7c6135c759df7
69e88efef6f78aa3a169030e25a8fd4204078d88ec0837977be1a0f125f1dd4f
GET /it/u=2042280570,4175282921&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=795 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 36002
expires: Sun, 05 Feb 2023 06:14:30 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 786cca404e07e70d57b1c21a51463eb0
age: 173972
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 06:14:30 GMT
ohc-cache-hit: km7ct78 [4], czix171 [4]
ohc-file-size: 36002
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3050098561,2661693437&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 48 kB URL HTTP/1.1 t13.baidu.com/it/u=3050098561,2661693437&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9d9d09eede355877fce2ea250514cbfa
0035565c9a2a975599765bac0115890dfafa02ba
053ad2ac736895f812f7edcc238f084c0b8886141189bb3d9bea0680f4effb00
GET /it/u=3050098561,2661693437&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12688.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 07:46:46 GMT
Content-Type: image/jpeg
Content-Length: 47881
Connection: keep-alive
Expires: Fri, 24 Feb 2023 13:50:24 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 9d9d09eede355877fce2ea250514cbfa
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 13:50:24 GMT
Ohc-Upstream-Trace: 113.142.198.140; 58.20.204.65
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache65 [1], xaix140 [2]
Ohc-Response-Time: 1 0 0 1 267 268
Ohc-File-Size: 47881
X-Cache-Status: MISS
Timing-Allow-Origin: *
img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
125.74.40.35200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
IP 125.74.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x447, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b37223ee558928daaa065ec85236fc80
fcb667eda6d4469bbbdff932cb19ec025b150f72
56d6f204f97b3acf1abe7f4388c3b7947a0a3dea2048790023f28f59d4f9268a
GET /it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12688.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 07:46:46 GMT
content-type: image/webp
content-length: 23550
expires: Tue, 28 Feb 2023 01:36:43 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b37223ee558928daaa065ec85236fc80
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 01:36:43 GMT
ohc-cache-hit: plct55 [1], xaix55 [2]
ohc-file-size: 23550
x-cache-status: MISS
X-Firefox-Spdy: h2
12688.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 12688.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12688.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12688.url.tudown.com/down/2017%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%985.5%E9%99%90%E9%80%9F%E7%A0%B4%E8%A7%A3%E7%89%88%E4%B8%8B%E8%BD%BD@409_19260.exe
Cookie: __bid_n=1861afc9f6e11f02114207; FPTOKEN=NCqgHcsEFtrPCjig+wJrJXDMSBVGdtkWJ9KiosfcxuwM4T+4MBIN46TFaQ3AGtWqurEog1JH7+7AJ0VGKelBPpLaRNdoAoGw2yRtC49R2nb+fTrrLymI0UGa5q/luamZJWOBIO7ZHO+VYjqtNQCO9Pyydd6hy8uvS1fi+R3frsnIBABxg6T7ZXwsrX53FuoGBKGO+Q+gjfBoPboEKJ9RN/d0rdsv6HPfs31/DSahpOG4MsGq0EScQWvq3ktFQVDKjG8kz/bDb85LGltwKRjxCrziOfh8EvvTinMnS3lCF+IwqiIvT842ckizJcoXRBWphCpgfGLIF/eJg6Yx3Ry+kURiTvq4gMxUPPfcU88n8dhXT2vMfSPBsHFpLn8hzrpm/PYFIm8V3361mztp7HnlGQ==|suBpKvC0YiyzqpjFOEHUX0QFl0wMWHoROy/jyiGCNZs=|10|bbf43ff9fb65afddc38f2eaebf184fb6; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675496838; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675496838
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 07:46:47 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.87200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.87:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12688.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Sat, 04 Feb 2023 07:38:52 GMT
cache-control: max-age=600
expires: Sat, 04 Feb 2023 07:48:41 GMT
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mH-XzOho2NiUdDCPrzLZNPPdrDEzMNzBe49wvEuWRYTmsf8xmhFlDg==
age: 480
X-Firefox-Spdy: h2