r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13217
Expires: Mon, 23 Jan 2023 06:51:54 GMT
Date: Mon, 23 Jan 2023 03:11:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16292
Expires: Mon, 23 Jan 2023 07:43:09 GMT
Date: Mon, 23 Jan 2023 03:11:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 02:34:55 GMT
content-type: application/json
age: 2202
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Mon, 23 Jan 2023 03:52:19 GMT
Date: Mon, 23 Jan 2023 03:11:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: D/KWECSfrmwRWE6gsZsqNxUusv7GGnGrTwR/BGGMOJ6I6dFVcgyEHCkmrEzFBNA6ZTajcdPY+dIIBC2Y3TzBtw==
x-amz-request-id: 10HCGHT514T127GF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 02:47:32 GMT
age: 1445
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:11:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 02:17:30 GMT
age: 3248
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash e60fc825804a8307c0aea93d5134ec70
710f8fd963cfccdb2e19c1591d54828a066d526a
a074ab6d2a6dd865e18b994c9aa02e137d361efab7afec1ce0cf9dbdf92df9b1
Analyzer Verdict Alert fortinet Malware
GET /down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1603
Cache-Control: max-age=109311
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 03:11:38 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 09:33:29 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.83.202.51 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.202.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vM7qtFtWApG8RL7AEEXSug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xugQA8Im/UAUOITstYxofVqFWsM=
12837.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12837.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12837.url.tudown.com/template/company/955yx/js/searchword.js
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/js/searchword.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Mon, 23 Jan 2023 15:11:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12837.url.tudown.com/template/company/955yx/css/gb.css
154.218.151.71 200 OK 47 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/css/gb.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:38 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Mon, 23 Jan 2023 15:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12837.url.tudown.com/template/company/955yx/js/week_rank.js
154.218.151.71 200 OK 656 B URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/js/week_rank.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Mon, 23 Jan 2023 15:11:39 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12837.url.tudown.com/template/company/955yx/js/script_index2.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/js/script_index2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Mon, 23 Jan 2023 15:11:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12837.url.tudown.com/template/company/955yx/js/api.js
154.218.151.71 200 OK 22 B URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/js/api.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Mon, 23 Jan 2023 15:11:39 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12837.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
154.218.151.71 200 OK 41 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Mon, 23 Jan 2023 15:11:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12837.url.tudown.com/template/company/955yx/js/gb.js
154.218.151.71 200 OK 7.7 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/js/gb.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Mon, 23 Jan 2023 15:11:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf2a2996f924432926abc984b4eb9ecc
9e76a3e44ec16e73be3f92e56910aeb4e7310f87
f301e297cf742b47279e1bf67f833cdb4f9032b4fcf9fbc93f9d3a3e3b865de5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F301E297CF742B47279E1BF67F833CDB4F9032B4FCF9FBC93F9D3A3E3B865DE5"
Last-Modified: Sat, 21 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11740
Expires: Mon, 23 Jan 2023 06:27:19 GMT
Date: Mon, 23 Jan 2023 03:11:39 GMT
Connection: keep-alive
12837.url.tudown.com/uploads/images/217148.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/217148.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/217148.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
12837.url.tudown.com/static/api/http://12837.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465122
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12837.url.tudown.com/static/api/http://12837.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465122
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Malware
GET /static/api/http://12837.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465122 HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12837.url.tudown.com/uploads/images/894857.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/894857.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/894857.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
12837.url.tudown.com/uploads/images/143829.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/143829.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/143829.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3553026769,3376642668&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=624
12837.url.tudown.com/uploads/images/836421.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/836421.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/836421.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
12837.url.tudown.com/uploads/images/236554.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/236554.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/236554.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=302929482,475810512&fm=253&fmt=auto?w=1422&h=800
12837.url.tudown.com/template/company/955yx/images/home.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/images/home.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
12837.url.tudown.com/uploads/images/799239.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/799239.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/799239.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3519654332,2263633379&fm=253&app=138&f=JPEG?w=500&h=800
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.58 200 OK 584 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.58:0
File type HTML document, ASCII text, with very long lines (584), with no line terminators
Hash b94dc3ca6e83243795be58046dccbb74
4910cfd5a6910369e866c8f579c2a1a630649de1
09c4cd18f195c69e83f952f4c16d6446fd23421b1abbe8924f0af94234e23b33
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12837.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Mon, 23 Jan 2023 03:11:39 GMT
cache-control: max-age=600
expires: Mon, 23 Jan 2023 03:14:38 GMT
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jzQ4NtGcNG_BBT2ZxfCtD4NWuLmJF0l18Y1igI5eZRNSVv1rLnLQfg==
age: 421
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5630
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 03:11:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5630
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 03:11:39 GMT
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 23 Jan 2023 03:11:39 GMT
Etag: "4078521116"
Expires: Tue, 23 Jan 2024 03:11:39 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=0F94655BDB040ADCB96601C17E1D90E1:FG=1; max-age=31536000; expires=Tue, 23-Jan-24 03:11:39 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5630
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 03:11:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5629
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 03:11:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 19434
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5629
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 03:11:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: f7029218-f8dc-4b4e-bd14-fe461d09e75b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fGMBzECMoAMFR3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cbf3a4-38b6facb48574e8e380f750c;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 14:16:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 00vbOrBo8vZyWJmWzU8HcFbY9EWRYYEv0tC6DswWboh5gPgYxztWmg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 07:11:09 GMT
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
age: 72031
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a92d48898835ae8afbff3e369127fe13
90491b32adf6a6b7076ac63da4f2ab571f08920c
9060b3c090adc527e575c1d95d836db00a2136eeda09cdbb11e72ee8b4fa6216
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 9b314377-5aab-4d4f-9ff8-cf0dd5b0c516
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqthESYoAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57ef-163727d625b0751f61eca87d;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -IMqbZk5KhD9YfWwmqxfjDJEeU1LNMqmS9Z2UWQFcJl3uLHi8T4Zmg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:42:41 GMT
age: 84539
etag: "90491b32adf6a6b7076ac63da4f2ab571f08920c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: keWFs-Nhkuz7lUygleMuZ8TqK5mbLbs8IvnNtlNqknIW12DwwgswKg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:03 GMT
age: 18937
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9hYFY_BBaMWiasXJJzYqTe2Rb2fH06yFE0vuinlYA2V_lUaDjfmbg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:39 GMT
age: 14521
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 01:53:55 GMT
age: 4665
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
151.101.66.133 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.66.133:0
Hash 4edf5ed27a56bafd542c7ff2ba941097
0c33b7fa9d707f23e941a6c2955a4ac5529b75ef
46170a667785bd4c952c1ecae5840bf59706a55e0bc22eb0f2beb6de08a395d6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 27 Jan 2023 01:08:48 GMT
ETag: "0c33b7fa9d707f23e941a6c2955a4ac5529b75ef"
Last-Modified: Mon, 23 Jan 2023 01:08:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 23 Jan 2023 03:11:40 GMT
Age: 1406
X-Served-By: cache-qpg1274-QPG, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 17, 3
X-Timer: S1674443500.048043,VS0,VE0
12837.url.tudown.com/uploads/images/32356.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/32356.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/32356.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=932576940,434585048&fm=253&app=138&f=JPEG?w=800&h=500
12837.url.tudown.com/uploads/images/37751.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/37751.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/37751.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3516281913,4174734674&fm=253&app=120&f=JPEG?w=1422&h=800
t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 58 kB URL HTTP/1.1 t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 02c71792996413adf8ba45f77f6a5158
c2b0c33812c343dc3902141ac0b810a9ef79a2a8
3ae1e493cf1f1d206981280336c9b6bcefca4cc949a3065a494986c3ffeb43bc
GET /it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpeg
Content-Length: 57512
Connection: keep-alive
Expires: Fri, 10 Feb 2023 06:59:19 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 02c71792996413adf8ba45f77f6a5158
Age: 971558
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 06:59:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache61 [4], xaix61 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57512
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/uploads/images/724804.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/724804.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/724804.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889
12837.url.tudown.com/uploads/images/147111.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/147111.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/147111.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12837.url.tudown.com/uploads/images/411232.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/411232.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/411232.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 69 kB URL HTTP/1.1 t14.baidu.com/it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fe2b7036359fe3544fcf5aa8162518cc
04cafb2c01398c9605c2264f7ef2c806b75cf811
bdd322ec858dcb131b485a92c9d52573bb0a3c1e30005b7a2a65f5b4cc7d45d6
GET /it/u=3560705327,677340902&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 69288
Connection: keep-alive
Expires: Sun, 05 Feb 2023 17:41:47 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: fe2b7036359fe3544fcf5aa8162518cc
Age: 967425
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 17:41:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache62 [1], qdix91 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 69288
X-Cache-Status: HIT
Timing-Allow-Origin: *
s.360.cn/so/zz.gif?url=http%3A%2F%2F12837.url.tudown.com%2Fdown%2F%25E3%2580%258A%25E4%25B8%258A%25E5%258F%25A4%25E5%258D%25B7%25E8%25BD%25B45%25E3%2580%258B%25E5%25B0%25BC%25E5%25B0%2594%25E6%259C%25BA%25E6%25A2%25B0%25E7%25BA%25AA%25E5%2585%25832b%25E7%2589%25A9%25E7%2590%2586%25E5%258C%2596%25E6%259C%258D%25E8%25A3%2585mod%40353_68349.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b934f328865_2355f32@ddbo
180.163.251.230 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12837.url.tudown.com%2Fdown%2F%25E3%2580%258A%25E4%25B8%258A%25E5%258F%25A4%25E5%258D%25B7%25E8%25BD%25B45%25E3%2580%258B%25E5%25B0%25BC%25E5%25B0%2594%25E6%259C%25BA%25E6%25A2%25B0%25E7%25BA%25AA%25E5%2585%25832b%25E7%2589%25A9%25E7%2590%2586%25E5%258C%2596%25E6%259C%258D%25E8%25A3%2585mod%40353_68349.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b934f328865_2355f32@ddbo
IP 180.163.251.230:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12837.url.tudown.com%2Fdown%2F%25E3%2580%258A%25E4%25B8%258A%25E5%258F%25A4%25E5%258D%25B7%25E8%25BD%25B45%25E3%2580%258B%25E5%25B0%25BC%25E5%25B0%2594%25E6%259C%25BA%25E6%25A2%25B0%25E7%25BA%25AA%25E5%2585%25832b%25E7%2589%25A9%25E7%2590%2586%25E5%258C%2596%25E6%259C%258D%25E8%25A3%2585mod%40353_68349.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b934f328865_2355f32@ddbo HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:03:15 GMT
Connection: keep-alive
ETag: "5b5ac3b3-0"
Accept-Ranges: bytes
12837.url.tudown.com/uploads/images/553033.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/553033.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/553033.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2687211581,3088305163&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/338857.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/338857.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/338857.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3357647343,1819737634&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1029
12837.url.tudown.com/uploads/images/363702.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/363702.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/363702.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=412214339,2788339748&fm=224&app=112&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/891175.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/891175.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/891175.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1656422637,1600031748&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=1656422637,1600031748&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 40 kB URL HTTP/1.1 t14.baidu.com/it/u=1656422637,1600031748&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash efb653f68e7c0fbb8010dd8fbef4732d
b7f95f554604d94f2981f004dfdf81d96fe183ca
48cfdc8630be007a0a1b4d4dd88aa8181f697aaa00f9530e7c774aee10a17e3d
GET /it/u=1656422637,1600031748&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 40315
Connection: keep-alive
Expires: Fri, 27 Jan 2023 14:46:06 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: efb653f68e7c0fbb8010dd8fbef4732d
Age: 970717
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 14:46:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache64 [4], wzix64 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40315
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=412214339,2788339748&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t13.baidu.com/it/u=412214339,2788339748&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ab1d3a3409d90e7d31615422f1786cb0
f99b86cb3c80b43ba5ca48e8cd893bd914976323
0d190212c68974cec9ce9865f1b977ccfdd0f183ebf817de4289ca9fb9877891
GET /it/u=412214339,2788339748&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 44026
Connection: keep-alive
Expires: Fri, 10 Feb 2023 03:35:02 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: ab1d3a3409d90e7d31615422f1786cb0
Age: 972353
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 03:35:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache64 [4], suzix245 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44026
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674443498689
154.218.151.71 200 OK 8.5 kB URL HTTP/1.1 12837.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674443498689
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 6e95337a51ca0cfb3c94ad10b4172fab
d325e0a2ae1a47abb560ef57092879aeff085025
47277c03ddd9f3e30db0855e9539f0ba694c081eb5b881029f370bd5f68e5a85
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674443498689 HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img0.baidu.com/it/u=3553026769,3376642668&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=624
182.140.225.35 200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=3553026769,3376642668&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=624
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x624, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3872e4816eb0fbb1b259d9edd757cd40
c0ee965083f5d24ea87496368c464f8f2aa9ab27
c1d262b07dd3279a03f1fab27681e7a4f61bc462718409923f561366b7e59a4d
GET /it/u=3553026769,3376642668&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=624 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 29060
expires: Sun, 12 Feb 2023 06:08:33 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 3872e4816eb0fbb1b259d9edd757cd40
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 06:08:33 GMT
ohc-cache-hit: cd5ct85 [1], czix140 [4]
ohc-file-size: 29060
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/template/company/955yx/images/litterstar.png
154.218.151.71 200 OK 1.7 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/images/litterstar.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
12837.url.tudown.com/uploads/images/146325.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/146325.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/146325.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/788538.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/788538.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/788538.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2142482792,2704330803&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=326
12837.url.tudown.com/uploads/images/611062.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/611062.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/611062.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=889749734,2080983920&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=625
12837.url.tudown.com/template/company/955yx/images/bgs.png
154.218.151.71 200 OK 101 kB URL HTTP/1.1 12837.url.tudown.com/template/company/955yx/images/bgs.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:39 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
img0.baidu.com/it/u=3519654332,2263633379&fm=253&app=138&f=JPEG?w=500&h=800
182.140.225.35 200 OK 99 kB URL HTTP/1.1 img0.baidu.com/it/u=3519654332,2263633379&fm=253&app=138&f=JPEG?w=500&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash 6618283fe4bebc19cdcaf6825e8fdd43
cdfb27a258ed45ba770e9346631e2a9920b82b69
a1b3ba6beecf97a9c1f9a22c1d715b35ea0b03e74d6d66314dabc30554374471
GET /it/u=3519654332,2263633379&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 98582
Connection: keep-alive
Expires: Sat, 28 Jan 2023 15:28:15 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 6618283fe4bebc19cdcaf6825e8fdd43
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 15:28:15 GMT
Ohc-Cache-HIT: cd5ct52 [1], qdix52 [4]
Ohc-File-Size: 98582
X-Cache-Status: MISS
img1.baidu.com/it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889
182.106.158.35 200 OK 48 kB URL HTTP/1.1 img1.baidu.com/it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 2774bb738bad52556ea40b7bac0d9f57
f0c532bb13b167b3521a34a516dea8771ae15a99
19b8dad7167f2981b5ab67be25b88b10ad76b817cfa9e220ac5dca47a58d535b
GET /it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 48394
Connection: keep-alive
Expires: Tue, 14 Feb 2023 23:51:35 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2774bb738bad52556ea40b7bac0d9f57
Age: 512199
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 23:51:35 GMT
Ohc-Cache-HIT: jjct68 [4], bdix218 [2]
Ohc-File-Size: 48394
X-Cache-Status: HIT
img1.baidu.com/it/u=2687211581,3088305163&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=2687211581,3088305163&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5be9f9aeeec71a7b2ab1cd05ed8e9920
14ba4a8caa2d375e1b01fb3caf4f02f3efb0b5cf
df69c292c66f2f5bec80de71f569060b213a5d389db6fccf8537ac8ad51b83dc
GET /it/u=2687211581,3088305163&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 22802
expires: Tue, 21 Feb 2023 03:24:18 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 5be9f9aeeec71a7b2ab1cd05ed8e9920
age: 72120
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:24:18 GMT
ohc-cache-hit: cd5ct66 [4], suzix218 [2]
ohc-file-size: 22802
x-cache-status: HIT
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/22338.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/22338.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/22338.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1135708367,4276067072&fm=253&fmt=auto&app=138&f=JPEG?w=260&h=300
img0.baidu.com/it/u=932576940,434585048&fm=253&app=138&f=JPEG?w=800&h=500
182.140.225.35 200 OK 62 kB URL HTTP/1.1 img0.baidu.com/it/u=932576940,434585048&fm=253&app=138&f=JPEG?w=800&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 7762bf3f71bf08544e633918f3cce547
6737e9ff86a86f3d1bc77e48956b86715637564e
d027748586541dbe2514481729fdc33063c97dfc1e071012da458a8ee838134b
GET /it/u=932576940,434585048&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 62510
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:35:35 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7762bf3f71bf08544e633918f3cce547
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:35:35 GMT
Ohc-Cache-HIT: cd5ct76 [1], suzix234 [4]
Ohc-File-Size: 62510
X-Cache-Status: MISS
12837.url.tudown.com/api.php?op=digg&action=show&id=23038
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12837.url.tudown.com/api.php?op=digg&action=show&id=23038
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12837.url.tudown.com/uploads/images/754327.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/754327.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/754327.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1282138625,2560566959&fm=224&app=112&f=JPEG?w=500&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 9e390417b11a16584cea052374617b1e
48061f52edd119744a7ac33a5c58d0cd1c25b568
6d07c782952d189084290d276c8e7757de9550546b20ca3a0da590e75860d30e
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12837.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Mon, 23 Jan 2023 03:11:40 GMT
Etag: 47c7859d33223d6a9bfded94cf85d8ab
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E43B40184AF5EB22; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
t13.baidu.com/it/u=1282138625,2560566959&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 14 kB URL HTTP/1.1 t13.baidu.com/it/u=1282138625,2560566959&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5acbd227284d98d07a6791e26197956f
43f66518115c7fea82e3d82740d3a07c251c3967
6976093bf8c3c22910ca68f10c7cf9623ff0ecb423a3474ba07b7245f6f2a64b
GET /it/u=1282138625,2560566959&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpeg
Content-Length: 14180
Connection: keep-alive
Expires: Fri, 27 Jan 2023 13:42:34 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5acbd227284d98d07a6791e26197956f
Age: 970070
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 13:42:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache65 [4], suzix71 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 14180
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/uploads/images/641417.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/641417.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/641417.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3353843918,1956703362&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img1.baidu.com/it/u=889749734,2080983920&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=625
182.140.225.35 200 OK 40 kB URL HTTP/2 img1.baidu.com/it/u=889749734,2080983920&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=625
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x625, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d03d95bc5cacfbe968841060abaa4c1
8b207c5099b07e38e14713a590e04552886258f9
c4af730d9cbd6ed9ccc56a4a5a2ad3a5d9acdd3cc3cb8e918cf1c04c8751b776
GET /it/u=889749734,2080983920&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=625 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 40494
expires: Mon, 20 Feb 2023 14:47:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9d03d95bc5cacfbe968841060abaa4c1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 14:47:21 GMT
ohc-cache-hit: cd5ct56 [2], czix249 [2]
ohc-file-size: 40494
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=302929482,475810512&fm=253&fmt=auto?w=1422&h=800
182.242.59.35 200 OK 96 kB URL HTTP/2 img2.baidu.com/it/u=302929482,475810512&fm=253&fmt=auto?w=1422&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4162564a6489be6e7acec7ca0df14bd7
bc5eff7140a83ee53cebc58a42bb090bd36e242e
ae5c7b1ff6ca6527c64090a2315da6d78e99ee8b40cf2dbb7d5020d977c05af6
GET /it/u=302929482,475810512&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 96020
expires: Tue, 31 Jan 2023 09:38:37 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 4162564a6489be6e7acec7ca0df14bd7
age: 240477
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 09:38:37 GMT
ohc-cache-hit: km7ct78 [4], csix93 [4]
ohc-file-size: 96020
x-cache-status: HIT
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
182.61.201.94 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 Jan 2023 03:11:41 GMT
12837.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71 200 OK 8.5 kB URL HTTP/1.1 12837.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash c19cc9736861509f8ee592250356f3f4
6f25821551882c54ac3d7f38dc276495ad22f5f3
bc5954d987de63783b14a1baf6a997cd6b12dd4744a0c135a7adc12b4370e95c
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12837.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12837.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 5aa34cfcef9663bb856530c5e06e6364
7f695d5a22eac636a3e9cf3cbec1dea6fb025330
84fe2b6c8ed11767b832b14d135e61e96c8dc5f398d3c8888befa071feedf9ef
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12837.url.tudown.com/uploads/images/626652.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/626652.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/626652.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1124244586,724518977&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=158
12837.url.tudown.com/uploads/images/234556.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/234556.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/234556.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
img0.baidu.com/it/u=3516281913,4174734674&fm=253&app=120&f=JPEG?w=1422&h=800
182.140.225.35 200 OK 217 kB URL HTTP/1.1 img0.baidu.com/it/u=3516281913,4174734674&fm=253&app=120&f=JPEG?w=1422&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 217 kB (217216 bytes)
Hash 9b61c8443c3cb83c0b47e5b1cebe69fe
2583802091619e3174161d9ce1d7a359cf76899f
b979dfc93ce17b8b1153be0313e8597c86fe80d436af57d8a04b47981f30f2d5
GET /it/u=3516281913,4174734674&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:40 GMT
Content-Type: image/jpeg
Content-Length: 217216
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:36:59 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 9b61c8443c3cb83c0b47e5b1cebe69fe
Age: 966073
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:36:59 GMT
Ohc-Cache-HIT: cd5ct73 [3], bdix180 [2]
Ohc-File-Size: 217216
X-Cache-Status: HIT
12837.url.tudown.com/uploads/images/973524.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/973524.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/973524.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=744689300,4058293309&fm=253&fmt=auto&app=138&f=JPEG?w=340&h=487
12837.url.tudown.com/uploads/images/8482.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/8482.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/8482.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1828694808,1212188206&fm=224&app=112&f=JPEG?w=375&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=450746522&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24250&r=0&ww=1280&u=http%3A%2F%2F12837.url.tudown.com%2Fdown%2F%25E3%2580%258A%25E4%25B8%258A%25E5%258F%25A4%25E5%258D%25B7%25E8%25BD%25B45%25E3%2580%258B%25E5%25B0%25BC%25E5%25B0%2594%25E6%259C%25BA%25E6%25A2%25B0%25E7%25BA%25AA%25E5%2585%25832b%25E7%2589%25A9%25E7%2590%2586%25E5%258C%2596%25E6%259C%258D%25E8%25A3%2585mod%40353_68349.exe&tt=%E5%BC%80%E4%BA%91%C2%B7%E6%A3%8B%E7%89%8C%E5%AE%98%E7%BD%91-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=450746522&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24250&r=0&ww=1280&u=http%3A%2F%2F12837.url.tudown.com%2Fdown%2F%25E3%2580%258A%25E4%25B8%258A%25E5%258F%25A4%25E5%258D%25B7%25E8%25BD%25B45%25E3%2580%258B%25E5%25B0%25BC%25E5%25B0%2594%25E6%259C%25BA%25E6%25A2%25B0%25E7%25BA%25AA%25E5%2585%25832b%25E7%2589%25A9%25E7%2590%2586%25E5%258C%2596%25E6%259C%258D%25E8%25A3%2585mod%40353_68349.exe&tt=%E5%BC%80%E4%BA%91%C2%B7%E6%A3%8B%E7%89%8C%E5%AE%98%E7%BD%91-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=450746522&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24250&r=0&ww=1280&u=http%3A%2F%2F12837.url.tudown.com%2Fdown%2F%25E3%2580%258A%25E4%25B8%258A%25E5%258F%25A4%25E5%258D%25B7%25E8%25BD%25B45%25E3%2580%258B%25E5%25B0%25BC%25E5%25B0%2594%25E6%259C%25BA%25E6%25A2%25B0%25E7%25BA%25AA%25E5%2585%25832b%25E7%2589%25A9%25E7%2590%2586%25E5%258C%2596%25E6%259C%258D%25E8%25A3%2585mod%40353_68349.exe&tt=%E5%BC%80%E4%BA%91%C2%B7%E6%A3%8B%E7%89%8C%E5%AE%98%E7%BD%91-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12837.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 03:11:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=87565C7C4402ACC8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img2.baidu.com/it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
182.242.59.35 200 OK 46 kB URL HTTP/2 img2.baidu.com/it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8b4f7dfe663ef3e0a9724a21c344c79
3dc44f0c7f79fb9d0114952d80cbbc7c15ebfc04
251c918522bb74ea6ce7c9a445b2b25d3fa380721b74562ec0c3747958a3f929
GET /it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 45870
expires: Thu, 02 Feb 2023 03:43:16 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d8b4f7dfe663ef3e0a9724a21c344c79
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:43:16 GMT
ohc-cache-hit: km7ct64 [1], xiangyix163 [4]
ohc-file-size: 45870
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
182.242.59.35 200 OK 105 kB URL HTTP/2 img2.baidu.com/it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 105 kB (105444 bytes)
Hash 7786b866d9b140639635125f0933d7b5
4044b34c6eb1b11ac74947993f74a6c25a56133f
942c77d4ffdc4220ab24d9a591f12376b5043ffc07276efef49ead7c5960ad08
GET /it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 105444
expires: Sat, 18 Feb 2023 04:48:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7786b866d9b140639635125f0933d7b5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:48:15 GMT
ohc-cache-hit: km7ct72 [1], bdix194 [4]
ohc-file-size: 105444
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3357647343,1819737634&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1029
182.242.59.35 200 OK 43 kB URL HTTP/2 img2.baidu.com/it/u=3357647343,1819737634&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1029
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1029, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9249615f29c868efbce6a98917ee460b
cfa34381fbadcab7e1b1f51fed62989cdceda20b
418adbe9e7ce06db50475ba5c4eb0bc8fe7fec8f322623ca2def2396e5dc2d12
GET /it/u=3357647343,1819737634&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1029 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 43354
expires: Wed, 15 Feb 2023 02:54:34 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9249615f29c868efbce6a98917ee460b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 02:54:34 GMT
ohc-cache-hit: km7ct51 [1], czix241 [4]
ohc-file-size: 43354
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
182.242.59.35 200 OK 59 kB URL HTTP/2 img2.baidu.com/it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 22d5989ca04f579e2417f1d799baa07e
058d6936cf3ca378c264e818b2d87622c5d83c04
8789ed6d418473e3b0a81d8d0e9a6e55d6c499a8cba5d39b27457df553e08986
GET /it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 59072
expires: Mon, 20 Feb 2023 06:55:17 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 22d5989ca04f579e2417f1d799baa07e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:55:17 GMT
ohc-cache-hit: km7ct65 [1], bdix229 [4]
ohc-file-size: 59072
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/189922.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/189922.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/189922.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3812196650,4194611998&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1124244586,724518977&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=158
182.106.158.35 200 OK 2.9 kB URL HTTP/1.1 img1.baidu.com/it/u=1124244586,724518977&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=158
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x158, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50e40359d2e2469e610973c6bd882182
ecbd4345cbaa5388b1d9540f994c02e5e7199f3e
3cab1fc4ed6aabda02cc1acc473fd5844dfd9fd47786ce7e8439ecb892a0818d
GET /it/u=1124244586,724518977&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=158 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/webp
Content-Length: 2930
Connection: keep-alive
Expires: Wed, 25 Jan 2023 04:23:56 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 50e40359d2e2469e610973c6bd882182
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 04:23:56 GMT
Ohc-Cache-HIT: jjct61 [1], xiangyix181 [2]
Ohc-File-Size: 2930
X-Cache-Status: MISS
img2.baidu.com/it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.242.59.35 200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99b9a08f313d74b897d3e5e32227a060
7c4cb1bfb5c61fe92c4e5ef3b17bc0d851adc03f
bd8a892e83ce746d19369fd559a0122c6dd9deb2b8c9f623d06f259036a0be7e
GET /it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 39088
expires: Mon, 06 Feb 2023 09:08:09 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 99b9a08f313d74b897d3e5e32227a060
age: 174642
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 09:08:09 GMT
ohc-cache-hit: km7ct56 [4], suzix243 [2]
ohc-file-size: 39088
x-cache-status: HIT
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/893967.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/893967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/893967.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=120002570,1638505084&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=692
img2.baidu.com/it/u=2142482792,2704330803&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=326
182.242.59.35 200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=2142482792,2704330803&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=326
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 580x326, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4bd764516aa1ee8e9e058567b3248d9e
6fda31d89d851f79b32982d22293b37351bfa123
1859b0bba4776d484a2787b070f7a1a098c1064ff39cbeb67631955a3bd3f086
GET /it/u=2142482792,2704330803&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=326 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:40 GMT
content-type: image/webp
content-length: 11672
expires: Mon, 20 Feb 2023 04:37:57 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 4bd764516aa1ee8e9e058567b3248d9e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:37:57 GMT
ohc-cache-hit: km7ct60 [1], czix249 [4]
ohc-file-size: 11672
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/190375.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/190375.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/190375.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2166532204,743074857&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/481463.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/481463.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/481463.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3617122035,541048378&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
img2.baidu.com/it/u=1135708367,4276067072&fm=253&fmt=auto&app=138&f=JPEG?w=260&h=300
182.242.59.35 200 OK 9.4 kB URL HTTP/2 img2.baidu.com/it/u=1135708367,4276067072&fm=253&fmt=auto&app=138&f=JPEG?w=260&h=300
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49b339fda14aab04aeb305770dc5947d
2740d663e1e8144bf062b34d44679ef991c94e76
8cec516b12985ce0f85aff8e6cd073db69df51639409541c708e5b56b323468e
GET /it/u=1135708367,4276067072&fm=253&fmt=auto&app=138&f=JPEG?w=260&h=300 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 9416
expires: Sun, 19 Feb 2023 08:45:03 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 49b339fda14aab04aeb305770dc5947d
age: 177722
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 08:45:03 GMT
ohc-cache-hit: km7ct52 [4], suzix52 [4]
ohc-file-size: 9416
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1828694808,1212188206&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124 200 OK 45 kB URL HTTP/1.1 t15.baidu.com/it/u=1828694808,1212188206&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash 3c4e719ddd93632f1aa0bbec0c245630
8a56edbe7f808ebf422776c31de368bba5df5c24
ec5b2271b076490ed320a2646bb10ccff1ac513e0961803bdcc7248a786089a9
GET /it/u=1828694808,1212188206&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpeg
Content-Length: 44852
Connection: keep-alive
Expires: Tue, 07 Feb 2023 05:52:26 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 3c4e719ddd93632f1aa0bbec0c245630
Age: 1032692
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 05:52:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache55 [4], wzix108 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44852
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3812196650,4194611998&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 74 kB URL HTTP/1.1 t13.baidu.com/it/u=3812196650,4194611998&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 723ccee7ecb7a8d6ae8a44ed39da0980
99d3365977f0da274713731cc1af825e3fd5e9ac
a69e214fd813ca268d1ac891d3d0c14b2d393e67c5627370493aac63bb060f9f
GET /it/u=3812196650,4194611998&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpeg
Content-Length: 74521
Connection: keep-alive
Expires: Thu, 02 Feb 2023 03:43:10 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 723ccee7ecb7a8d6ae8a44ed39da0980
Age: 1699634
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 03:43:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache63 [4], bdix131 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 74521
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
182.140.225.35 200 OK 6.0 kB URL HTTP/2 img0.baidu.com/it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ab3a9d0b567a1a97df0fb910220e828
e24bf864980fcfe718260b4d1f26560f42641557
28797bee1ea4afba47a624759a4e1f880aaa1c994bcaddd4cdf2df278a6277c3
GET /it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 5990
expires: Sun, 19 Feb 2023 12:15:31 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 8ab3a9d0b567a1a97df0fb910220e828
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 12:15:31 GMT
ohc-cache-hit: cd5ct50 [1], czix203 [4]
ohc-file-size: 5990
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/474714.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/474714.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/474714.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1082207662,1251592053&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=691
img2.baidu.com/it/u=3353843918,1956703362&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
182.242.59.35 200 OK 63 kB URL HTTP/2 img2.baidu.com/it/u=3353843918,1956703362&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bdb7c5416db377f2e73d2b73e7230d7e
5c78102cd259b01aefb031c9e1bfbd243177a2b0
aa809080cd953ebac682a2694d9d444146cf6d14b4f1afe7f0c31d1b1bed56d4
GET /it/u=3353843918,1956703362&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 63358
expires: Sat, 18 Feb 2023 14:43:36 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: bdb7c5416db377f2e73d2b73e7230d7e
age: 262352
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 14:43:36 GMT
ohc-cache-hit: km7ct68 [4], xaix150 [2]
ohc-file-size: 63358
x-cache-status: HIT
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/523860.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/523860.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/523860.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2775467936,1104664857&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334
img2.baidu.com/it/u=2166532204,743074857&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
182.242.59.35 200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=2166532204,743074857&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e512d6b8aef47b2eba9836a52ee23583
d0b45fd8c4464465e975e62f4696b1e18d3ad9f8
a33096c515184c6126323b8ad655b239919e2d268fb3beaf08a9e86dcaf31d35
GET /it/u=2166532204,743074857&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 16244
expires: Thu, 09 Feb 2023 07:30:28 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e512d6b8aef47b2eba9836a52ee23583
age: 194854
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 07:30:28 GMT
ohc-cache-hit: km7ct83 [4], wzix83 [2]
ohc-file-size: 16244
x-cache-status: HIT
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/16183.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/16183.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/16183.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750
12837.url.tudown.com/uploads/images/372208.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/372208.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/372208.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/989613.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/989613.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/989613.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2821958498,1078046284&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=420
12837.url.tudown.com/uploads/images/797936.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/797936.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/797936.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=399928619,2557817052&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
t13.baidu.com/it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 51 kB URL HTTP/1.1 t13.baidu.com/it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1f4dd4b253cdeb26b1c1e9f61a016942
8339bdedf6f589572e86f0ec52efb42c9c2e859e
ee010185dbd43e8fe275a64dd4a95c62fcb27c7e884a48a140753e9d39f43340
GET /it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpeg
Content-Length: 51071
Connection: keep-alive
Expires: Sun, 05 Feb 2023 12:51:49 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1f4dd4b253cdeb26b1c1e9f61a016942
Age: 972386
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 12:51:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache53 [4], bdix246 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51071
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=120002570,1638505084&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=692
182.140.225.35 200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=120002570,1638505084&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=692
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x692, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash acba38cb52f3ac32ed3b98daef2d0f09
d1fc156dc8c975974e18f2d9d66e6a8099cbc172
36892defaec70696a378255da758dc1d9a80e820601b075232132f1ee42e5538
GET /it/u=120002570,1638505084&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=692 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 23138
expires: Sun, 05 Feb 2023 13:10:19 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: acba38cb52f3ac32ed3b98daef2d0f09
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 13:10:19 GMT
ohc-cache-hit: cd5ct81 [1], wzix64 [2]
ohc-file-size: 23138
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3617122035,541048378&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
182.140.225.35 200 OK 42 kB URL HTTP/2 img1.baidu.com/it/u=3617122035,541048378&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbb6cd49807daa8afffbc706b1e8d9c9
060376e1efc6ba1cb896c72c8d63bc0001d68bd5
5b02c66ab6f0e3e2e1d94582c1892f6cfc9d6fa0af365cbc57bf5c85191db55d
GET /it/u=3617122035,541048378&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 41648
expires: Sun, 19 Feb 2023 10:37:46 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: bbb6cd49807daa8afffbc706b1e8d9c9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 10:37:46 GMT
ohc-cache-hit: cd5ct52 [1], qdix181 [2]
ohc-file-size: 41648
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=744689300,4058293309&fm=253&fmt=auto&app=138&f=JPEG?w=340&h=487
182.140.225.35 200 OK 18 kB URL HTTP/2 img1.baidu.com/it/u=744689300,4058293309&fm=253&fmt=auto&app=138&f=JPEG?w=340&h=487
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 340x487, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d505f422a2f28664fc510dbf4893f9e3
c9556ead026cf2ee2d4f3160876e835c2ee4cb82
3af940108a2e388e3a92b7fb8e70117a70fde0c84e929c5b14f6ef561852b8e4
GET /it/u=744689300,4058293309&fm=253&fmt=auto&app=138&f=JPEG?w=340&h=487 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 18446
expires: Wed, 22 Feb 2023 03:11:41 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d505f422a2f28664fc510dbf4893f9e3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:11:41 GMT
ohc-cache-hit: cd5ct82 [1], xiangyix118 [2]
ohc-file-size: 18446
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1082207662,1251592053&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=691
182.140.225.35 200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=1082207662,1251592053&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=691
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x691, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 58136641f42fa74b89818c6b536c4751
f592bfa557815196e403d2b2125a34087abda650
2cabebfb9d9f9125e52c0f586ed6ed0a79675159ad00285b4a75a5b1a205a62e
GET /it/u=1082207662,1251592053&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=691 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:41 GMT
content-type: image/webp
content-length: 19358
expires: Tue, 31 Jan 2023 04:08:49 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 58136641f42fa74b89818c6b536c4751
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 04:08:49 GMT
ohc-cache-hit: cd5ct63 [1], xiangyix103 [2]
ohc-file-size: 19358
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/349150.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/349150.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/349150.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1571254160,3799709801&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/756280.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/756280.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/756280.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350
img2.baidu.com/it/u=2775467936,1104664857&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334
182.242.59.35 200 OK 18 kB URL HTTP/2 img2.baidu.com/it/u=2775467936,1104664857&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 384122188fafb95daa47b07fb8a114fe
c51b08d59de85b7f338eca6980c23e0d17cf8f47
e075ccf153a14baf9f4659ed9d272c0e159a3824b33a4a6af6752840b3d72c80
GET /it/u=2775467936,1104664857&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=334 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 18414
expires: Tue, 21 Feb 2023 17:54:14 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 384122188fafb95daa47b07fb8a114fe
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 17:54:13 GMT
ohc-cache-hit: km7ct77 [1], bdix187 [2]
ohc-file-size: 18414
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 8.9 kB URL HTTP/1.1 t14.baidu.com/it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 834c42b216324f9eff74e3e8e36dd668
fe2fff80b74c51915ab7ecfd1da11ecb6a1b9fb1
eb419c0c16a35dbcf289e22f69849f4ed8730c6629eccf5a327c9a18e4f3cad6
GET /it/u=2247878018,518343743&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpeg
Content-Length: 8906
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:12:59 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 834c42b216324f9eff74e3e8e36dd668
Age: 972264
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:12:59 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache61 [4], xaix108 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 8906
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/uploads/images/832037.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/832037.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/832037.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2136121017,549622950&fm=224&app=112&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/360422.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/360422.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/360422.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1138470780,535766067&fm=253&fmt=auto?w=1280&h=800
12837.url.tudown.com/uploads/images/389767.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/389767.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/389767.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500
img2.baidu.com/it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750
182.242.59.35 200 OK 44 kB URL HTTP/2 img2.baidu.com/it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8be69ac0178b13f9eea4f93d8f722e0a
f8e13dac166008307a3e18a89454e9a4d8a75125
26840f9ca7e3127555e913427d56a5ec75f653cb65ebe75e0931c4b12a380a2e
GET /it/u=3746346873,596028162&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=750 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 43782
expires: Sat, 18 Feb 2023 16:17:24 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8be69ac0178b13f9eea4f93d8f722e0a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 16:17:24 GMT
ohc-cache-hit: km7ct78 [1], qdix78 [2]
ohc-file-size: 43782
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/logo.png?n=424znzmms7ukhbpjuwyonhmq42ljt2muqdszjlxjqoua&w=250
154.218.151.71 200 OK 2.9 kB URL HTTP/1.1 12837.url.tudown.com/uploads/images/logo.png?n=424znzmms7ukhbpjuwyonhmq42ljt2muqdszjlxjqoua&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash a0c451a6291a2308df2da609458100da
165680d30b1d2c75f11b1d0f63aed571f2990419
65fedd32cd1f5a7eb35dcfa32756baa794cd6345475778ef6412651a94f1ac98
GET /uploads/images/logo.png?n=424znzmms7ukhbpjuwyonhmq42ljt2muqdszjlxjqoua&w=250 HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
img2.baidu.com/it/u=399928619,2557817052&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.242.59.35 200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=399928619,2557817052&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e52a6778d5130e16cdbaf295e146004
4109b62ee118de6e9cb2a38ff51f4a72171442f6
0e1503beb2ed75d6504acb5a1992f2c0fb8fb4d810c8f47a4fa26fcb6c009a8d
GET /it/u=399928619,2557817052&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 38980
expires: Sun, 12 Feb 2023 02:35:09 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 1e52a6778d5130e16cdbaf295e146004
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 02:35:09 GMT
ohc-cache-hit: km7ct63 [1], bdix198 [4]
ohc-file-size: 38980
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2821958498,1078046284&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=420
182.140.225.35 200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=2821958498,1078046284&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=420
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 420x420, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f4672e0944104265b66272a99df493f
80913914411cc68fbb3b38c72c799ee73e05443a
d7d297578954604f5ec230514cba388b93d6ca00d89361b90b8b321e77b0629a
GET /it/u=2821958498,1078046284&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=420 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 13934
expires: Fri, 27 Jan 2023 02:31:10 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 5f4672e0944104265b66272a99df493f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 02:31:10 GMT
ohc-cache-hit: cd5ct60 [1], xiangyix120 [4]
ohc-file-size: 13934
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2136121017,549622950&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 34 kB URL HTTP/1.1 t15.baidu.com/it/u=2136121017,549622950&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9e95277ce9f1dde5ddce53ae55335910
437d58a98b3d00193325f4b25dd7d226a1938c22
a0153c3f719ca80a00177822da12f2dc8372439b0d7c10efdb81717680ac4f76
GET /it/u=2136121017,549622950&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpeg
Content-Length: 33757
Connection: keep-alive
Expires: Sun, 05 Feb 2023 14:45:27 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9e95277ce9f1dde5ddce53ae55335910
Age: 1032690
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 14:45:27 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache57 [4], qdix174 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33757
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/uploads/images/45363.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/45363.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/45363.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3035554530,798197153&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1571254160,3799709801&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=1571254160,3799709801&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8cbedf86be3a9935494fbbdae9a4baec
aed500413762a032a7a76f0ff954dd4aabac7fd9
aee8c2ca1e07e45618d3ac67879331671f8ccb4d9f9d085b5f84850c0ea1f0d7
GET /it/u=1571254160,3799709801&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 27932
expires: Sun, 19 Feb 2023 07:38:14 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 8cbedf86be3a9935494fbbdae9a4baec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 07:38:14 GMT
ohc-cache-hit: cd5ct71 [1], czix201 [4]
ohc-file-size: 27932
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/86692.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/86692.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/86692.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3110504954,1535444840&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3110504954,1535444840&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 46 kB URL HTTP/1.1 t14.baidu.com/it/u=3110504954,1535444840&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c4ad05b5001b2ec465dfba8f2540da2e
c88a97032aac8f6bbb1583990ee5768e5ca9e53c
61c80aa561471ee2edae01f51ca1105178d250cbb37c5d51f010dccbf48143db
GET /it/u=3110504954,1535444840&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpeg
Content-Length: 45873
Connection: keep-alive
Expires: Fri, 03 Feb 2023 00:02:52 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c4ad05b5001b2ec465dfba8f2540da2e
Age: 970377
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 00:02:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache57 [4], csix57 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45873
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/uploads/images/245756.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/245756.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/245756.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=59867812,2505451943&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500
12837.url.tudown.com/uploads/images/28585.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/28585.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/28585.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=838226752,2988504238&fm=224&app=112&f=JPEG?w=350&h=350
12837.url.tudown.com/uploads/images/861712.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/861712.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/861712.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4012307797,844533299&fm=224&app=112&f=JPEG?w=500&h=500
12837.url.tudown.com/uploads/images/970839.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/970839.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/970839.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
img2.baidu.com/it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500
182.242.59.35 200 OK 73 kB URL HTTP/2 img2.baidu.com/it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 805x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1976b1b2f9a3cc312d824ddde22df6ed
322e3044539b38a6bc912ddefe5f2b3dc39c4af0
c96fd6408a90e0d4837c2ef788e917d8bc08c362036a8b161f3404fa53150507
GET /it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 72780
expires: Tue, 21 Feb 2023 05:00:49 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1976b1b2f9a3cc312d824ddde22df6ed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:00:49 GMT
ohc-cache-hit: km7ct79 [2], qdix140 [2]
ohc-file-size: 72780
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=4012307797,844533299&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 55 kB URL HTTP/1.1 t15.baidu.com/it/u=4012307797,844533299&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 23d8c44ecae658252c3bfb64bdde3db0
5485dfb213dfdf03a7e3bf2c2860db333dcba863
3f5ec7b15458980037f535725baed5a65eda8156cc4b89ec4dfa33476eae4da8
GET /it/u=4012307797,844533299&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpeg
Content-Length: 55006
Connection: keep-alive
Expires: Fri, 03 Feb 2023 04:35:50 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 23d8c44ecae658252c3bfb64bdde3db0
Age: 971660
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 04:35:50 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache64 [1], xaix192 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 55006
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1138470780,535766067&fm=253&fmt=auto?w=1280&h=800
182.140.225.35 200 OK 48 kB URL HTTP/2 img0.baidu.com/it/u=1138470780,535766067&fm=253&fmt=auto?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0da082b24e1783b9b6e3aa49fef4ce1e
97dff6e92fe294b1edc56e3451507deff9ba0e50
f5be51ffdb3b40838808efc804748d052e4116c00b8fcd00db2f8d231aed9dac
GET /it/u=1138470780,535766067&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 47908
expires: Tue, 14 Feb 2023 08:16:47 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 0da082b24e1783b9b6e3aa49fef4ce1e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:16:47 GMT
ohc-cache-hit: cd5ct55 [1], csix55 [4]
ohc-file-size: 47908
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=838226752,2988504238&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 11 kB URL HTTP/1.1 t15.baidu.com/it/u=838226752,2988504238&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 042829bd161ec79dc941fe50c2748758
54349c9f61dcb7b541e859cf1e96c69f07f03985
5e73a85d2cce40d895853428da16d4c29da6b08050415a710c004a9e5edba1ab
GET /it/u=838226752,2988504238&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpeg
Content-Length: 11020
Connection: keep-alive
Expires: Wed, 15 Feb 2023 02:18:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 042829bd161ec79dc941fe50c2748758
Age: 562163
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 02:18:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache61 [1], bdix188 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 11020
X-Cache-Status: HIT
Timing-Allow-Origin: *
12837.url.tudown.com/uploads/images/762352.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/762352.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/762352.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=421799230,1647719226&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=133
12837.url.tudown.com/uploads/images/208467.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/208467.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/208467.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1312836142,2639534324&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=500
img0.baidu.com/it/u=3035554530,798197153&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=3035554530,798197153&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d81e87dc1322ad882b97a2447f5b2a0
679b4ac5a00dd2ed9a8da426f4d3a59818c54260
02ab53f12c51b100c359a39861c28af7287c171cbf36050a98b68c1ad7d9c718
GET /it/u=3035554530,798197153&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 36250
expires: Wed, 01 Feb 2023 13:19:56 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1d81e87dc1322ad882b97a2447f5b2a0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 13:19:56 GMT
ohc-cache-hit: cd5ct60 [1], csix64 [2]
ohc-file-size: 36250
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/781609.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/781609.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/781609.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2118172738,1169744765&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
12837.url.tudown.com/uploads/images/992715.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/992715.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/992715.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=284557892,4132405264&fm=253&fmt=auto?w=1280&h=800
12837.url.tudown.com/uploads/images/144660.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/144660.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/144660.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3537830280,358465960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
12837.url.tudown.com/uploads/images/361657.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/361657.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/361657.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3059440794,2891041960&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=59867812,2505451943&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500
182.140.225.35 200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=59867812,2505451943&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 538x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash adc2933cf8c2ca793657bc1cefc45df2
8320d557e7a294c6b0b792a0fc582cf920ab5689
f7dfccac9d16eefcb2e9c5395a51b57b2a5b6f587cb834023964ed9f4b922836
GET /it/u=59867812,2505451943&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 13708
expires: Thu, 26 Jan 2023 20:18:08 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: adc2933cf8c2ca793657bc1cefc45df2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 20:18:08 GMT
ohc-cache-hit: cd5ct61 [1], wzix61 [4]
ohc-file-size: 13708
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/981603.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/981603.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/981603.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1948873437,1578725175&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
12837.url.tudown.com/uploads/images/854715.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/854715.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/854715.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=196467371,882010805&fm=253&app=120&f=JPEG?w=800&h=1280
img2.baidu.com/it/u=1312836142,2639534324&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=500
182.242.59.35 200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=1312836142,2639534324&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 327x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52f910a2fb28c772924785b47a1c9599
04aab9cb3fcd1513f3e5e190d6ac246bda54ec38
dbe2a451477d507e5f2b47cac6740a2ce2128b22ee16e807bee2407de5ba9585
GET /it/u=1312836142,2639534324&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:42 GMT
content-type: image/webp
content-length: 20230
expires: Mon, 23 Jan 2023 04:32:18 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 52f910a2fb28c772924785b47a1c9599
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 04:32:18 GMT
ohc-cache-hit: km7ct55 [1], suzix242 [2]
ohc-file-size: 20230
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=421799230,1647719226&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=133
182.140.225.35 200 OK 2.0 kB URL HTTP/2 img0.baidu.com/it/u=421799230,1647719226&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=133
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x133, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c5f8dec4f35b394b42b6d6e966f842f
96668bf3a30eb638229ec357e30e4cd2b229f4c6
07b82af9378c5390e68d24ae4ce46ec0cfdef4e4a410f9d52a879d69f21da4b7
GET /it/u=421799230,1647719226&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=133 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/webp
content-length: 2010
expires: Sun, 12 Feb 2023 13:31:27 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1c5f8dec4f35b394b42b6d6e966f842f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 13:31:27 GMT
ohc-cache-hit: cd5ct77 [1], czix213 [2]
ohc-file-size: 2010
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/511169.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/511169.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/511169.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3532677468,3188277901&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
img2.baidu.com/it/u=2118172738,1169744765&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
182.242.59.35 200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=2118172738,1169744765&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 419cf9aca856dbbdda9a1a7a4b79f9fb
5b4b98f4c5c552dd5e5d72e280d490c63fde2859
d722a8362421ba0e7adef0a6efdb5bdd387ecdd1457d4d1b89c49313b975803e
GET /it/u=2118172738,1169744765&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/webp
content-length: 19324
expires: Fri, 17 Feb 2023 10:42:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 419cf9aca856dbbdda9a1a7a4b79f9fb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 10:42:31 GMT
ohc-cache-hit: km7ct71 [1], xaix66 [4]
ohc-file-size: 19324
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/uploads/images/789358.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/789358.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/789358.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2455550287,2934132641&fm=253&fmt=auto&app=138&f=GIF?w=480&h=362
12837.url.tudown.com/uploads/images/566905.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12837.url.tudown.com/uploads/images/566905.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/566905.jpg HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889
img2.baidu.com/it/u=3537830280,358465960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
182.242.59.35 200 OK 47 kB URL HTTP/2 img2.baidu.com/it/u=3537830280,358465960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfe387bf9df4a75ed5949b20d004ac2c
458cedc789eafe733238ed572ddd0648e994bd5f
22ef144115a5f66d282e8a6fa28de8565891ce86553adeb59fea38a0d9747aee
GET /it/u=3537830280,358465960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/webp
content-length: 46982
expires: Fri, 10 Feb 2023 09:53:27 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: dfe387bf9df4a75ed5949b20d004ac2c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 09:53:27 GMT
ohc-cache-hit: km7ct75 [1], bdix75 [2]
ohc-file-size: 46982
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3059440794,2891041960&fm=253&app=120&f=JPEG?w=1280&h=800
182.140.225.35 200 OK 172 kB URL HTTP/1.1 img0.baidu.com/it/u=3059440794,2891041960&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 172 kB (171617 bytes)
Hash fdde52325a4244239900258a7d2a111a
e2adab5be0428b4005f574c025f2800317be4983
e2685a17414526b1dbdd910123f2c54f82a2938fdeb4d270bf75560aac7df5d2
GET /it/u=3059440794,2891041960&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/jpeg
Content-Length: 171617
Connection: keep-alive
Expires: Tue, 24 Jan 2023 07:53:21 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: fdde52325a4244239900258a7d2a111a
Age: 1619
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 07:53:21 GMT
Ohc-Cache-HIT: cd5ct83 [4], xaix123 [4]
Ohc-File-Size: 171617
X-Cache-Status: HIT
img0.baidu.com/it/u=284557892,4132405264&fm=253&fmt=auto?w=1280&h=800
182.140.225.35 200 OK 115 kB URL HTTP/2 img0.baidu.com/it/u=284557892,4132405264&fm=253&fmt=auto?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 115 kB (114762 bytes)
Hash a2d356928541ee269b10c4ee5535f46a
1de67573b6ab92f42b50c16e11928111ca031ef0
61081d46bd70c2fe4c326182274f7aabdadd4cdedbe1d09bd5e164ca85527e41
GET /it/u=284557892,4132405264&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/webp
content-length: 114762
expires: Tue, 14 Feb 2023 08:12:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a2d356928541ee269b10c4ee5535f46a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:12:51 GMT
ohc-cache-hit: cd5ct53 [1], suzix143 [2]
ohc-file-size: 114762
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
182.242.59.35 200 OK 34 kB URL HTTP/1.1 img2.baidu.com/it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x702, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fca79e0a38ddde9e6f14bb8ab26a22db
a83d6c1baf9e030fa4fa5f32bbdc33d56af872c3
8755423eeed77de1f6a85a8d9ef88644ba929362dd6dc07d7819c3df7ec9ead5
GET /it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/webp
Content-Length: 34528
Connection: keep-alive
Expires: Wed, 01 Feb 2023 12:34:07 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: fca79e0a38ddde9e6f14bb8ab26a22db
Age: 515627
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 12:34:07 GMT
Ohc-Cache-HIT: km7ct59 [2], wzix59 [2]
Ohc-File-Size: 34528
X-Cache-Status: HIT
img0.baidu.com/it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889
182.140.225.35 200 OK 55 kB URL HTTP/1.1 img0.baidu.com/it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash c38c3eb4a04d3f58d0ea0a27ce384c16
da338962eeead5d44c29b1af41b2997b3dccf42a
ed870a038684d3d0d06fd14e242892da55911984ff001322facb08ccdf4838bf
GET /it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/jpeg
Content-Length: 54777
Connection: keep-alive
Expires: Tue, 14 Feb 2023 22:51:03 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c38c3eb4a04d3f58d0ea0a27ce384c16
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 22:51:03 GMT
Ohc-Cache-HIT: cd5ct76 [1], qdix76 [2]
Ohc-File-Size: 54777
X-Cache-Status: MISS
img2.baidu.com/it/u=2455550287,2934132641&fm=253&fmt=auto&app=138&f=GIF?w=480&h=362
182.242.59.35 200 OK 120 kB URL HTTP/2 img2.baidu.com/it/u=2455550287,2934132641&fm=253&fmt=auto&app=138&f=GIF?w=480&h=362
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type GIF image data, version 89a, 480 x 362\012- data
Size 120 kB (120311 bytes)
Hash 8528ff8abe8a1e732f5dbc4654ece71a
a484a80a3ece725bc6f7902578d6a6a2640760d8
6b8416db3678ec7bc5779c2ee7d787fede5d9971eccc65d34a849a7e86897fd7
GET /it/u=2455550287,2934132641&fm=253&fmt=auto&app=138&f=GIF?w=480&h=362 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/gif
content-length: 120311
expires: Thu, 09 Feb 2023 21:35:23 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8528ff8abe8a1e732f5dbc4654ece71a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 21:35:23 GMT
ohc-cache-hit: km7ct54 [1], csix105 [2]
ohc-file-size: 120311
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3532677468,3188277901&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
182.140.225.35 200 OK 67 kB URL HTTP/2 img1.baidu.com/it/u=3532677468,3188277901&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea7e43ca539615799f84597a6125cb34
5874f9dcda014e2d64ac0d7e8c22e8373546d9b2
0eab443e3a72baccede5ce838cc175cab7758a9a865f578cb0492190242e204f
GET /it/u=3532677468,3188277901&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/webp
content-length: 66632
expires: Tue, 24 Jan 2023 13:57:07 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ea7e43ca539615799f84597a6125cb34
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 13:57:07 GMT
ohc-cache-hit: cd5ct53 [1], xiangyix194 [2]
ohc-file-size: 66632
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=196467371,882010805&fm=253&app=120&f=JPEG?w=800&h=1280
182.140.225.35 200 OK 155 kB URL HTTP/1.1 img0.baidu.com/it/u=196467371,882010805&fm=253&app=120&f=JPEG?w=800&h=1280
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1280, components 3\012- data
Size 155 kB (155063 bytes)
Hash 11116c346c0d61f30908ca38d6e859d9
3eb5b2806b39e7bccae8d081dc7405a413659c5b
5eb39e3ea57bd0f4c3c5d7916ea99560cdf5066bd6c12a8e61359e56071de1f1
GET /it/u=196467371,882010805&fm=253&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12837.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/jpeg
Content-Length: 155063
Connection: keep-alive
Expires: Sun, 12 Feb 2023 02:26:46 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 11116c346c0d61f30908ca38d6e859d9
Age: 797235
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 02:26:46 GMT
Ohc-Cache-HIT: cd5ct57 [3], czix160 [2]
Ohc-File-Size: 155063
X-Cache-Status: HIT
img0.baidu.com/it/u=1948873437,1578725175&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
182.140.225.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=1948873437,1578725175&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ae65e6d43103588e294295f4cce3001
a91bf8c5df6c1ecc396ddca4de5ed2e582d3ce7d
bc8b0036565992cfe6243dbee12f3f5b1ed5e60214dde969e80d930ea41c27c0
GET /it/u=1948873437,1578725175&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12837.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:11:43 GMT
content-type: image/webp
content-length: 20152
expires: Wed, 22 Feb 2023 03:11:43 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9ae65e6d43103588e294295f4cce3001
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:11:43 GMT
ohc-cache-hit: cd5ct52 [1], bdix52 [2]
ohc-file-size: 20152
x-cache-status: MISS
X-Firefox-Spdy: h2
12837.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12837.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12837.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12837.url.tudown.com/down/%E3%80%8A%E4%B8%8A%E5%8F%A4%E5%8D%B7%E8%BD%B45%E3%80%8B%E5%B0%BC%E5%B0%94%E6%9C%BA%E6%A2%B0%E7%BA%AA%E5%85%832b%E7%89%A9%E7%90%86%E5%8C%96%E6%9C%8D%E8%A3%85mod@353_68349.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674443500; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674443500
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:11:43 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes