r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8475
Expires: Sat, 04 Feb 2023 08:52:26 GMT
Date: Sat, 04 Feb 2023 06:31:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e051e6e01b12b9ad6e0014603f93431a
ada9efe77054d8593f2687fb3a7eada8908ef7e8
c41be8ffe176ca674efb0588164fdfd237754c6b5b461f8f46387b96ae7d6090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41BE8FFE176CA674EFB0588164FDFD237754C6B5B461F8F46387B96AE7D6090"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18292
Expires: Sat, 04 Feb 2023 11:36:03 GMT
Date: Sat, 04 Feb 2023 06:31:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:36:14 GMT
content-type: application/json
age: 3297
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Sat, 04 Feb 2023 10:06:03 GMT
Date: Sat, 04 Feb 2023 06:31:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PXMi4+yBvKCYSBaAsMrakRvkxrwJ8gxdRtJf3zx0R3r7/GW7I/e/YQcYvGqSSyGXNLDr0bJ2jYY=
x-amz-request-id: 51W20BGX53AEX19C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:52:43 GMT
age: 2308
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:31:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:07:19 GMT
age: 1433
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16631
Expires: Sat, 04 Feb 2023 11:08:23 GMT
Date: Sat, 04 Feb 2023 06:31:12 GMT
Connection: keep-alive
12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 013354a150ff65b8768846358673d1d1
28449258408f211dcb5b771c3951b87a9b7b8de7
6e3b0a7c2c98499f7aa5225ac6a27b1aa06d1b4ad56ba298f9ba8fb6234af6cf
GET /down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.36.23.49 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.23.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FwonQj8uohU4iTLPXZSiYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XeMNevsg1HoDDdPkDiCuebwoRRQ=
12832.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12832.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71 200 OK 4.1 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71 200 OK 1.6 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71 200 OK 353 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130 200 OK 2.2 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5409), with no line terminators
Hash d19bdae2e7e260cf8d073f646b1327b1
f11ad6bbb5854b91f30ae1d1d9e40b0735648a49
db04653da94f0ab49ba4af223faa764d36bdd60a1aa1dcb1fc773512d100bce5
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2200
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 07:31:13 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c2022deb15ff37e4-143
Server: yunjiasu
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 06:31:13 GMT
Ali-Swift-Global-Savetime: 1675492273
Via: cache5.l2de2[5,4,200-0,M], cache5.l2de2[6,0], cache8.se1[28,27,200-0,M], cache8.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16754922733357421e
12832.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71 200 OK 37 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:12 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Sat, 04 Feb 2023 18:31:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 06:31:13 GMT
Last-Modified: Fri, 03 Feb 2023 07:12:33 GMT
ETag: "63dcb3e1-1d7"
Expires: Sun, 05 Feb 2023 07:12:33 GMT
Cache-Control: max-age=88880
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675492273
Via: cache3.l2de2[51,50,200-0,M], cache3.l2de2[51,0], cache7.se1[73,72,200-0,M], cache7.se1[75,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16754922733042878e
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 2d1a15af936b883451dbf3d75568f863
fc4961b5f0041dc198464c6dda01183cb07ef0ae
b85ef4c0fe7a48d851368152ecd1cf3f17611ed52c2a11936e5d3ae01d932e9d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:50:17 GMT
ETag: "fc4961b5f0041dc198464c6dda01183cb07ef0ae"
Last-Modified: Sat, 04 Feb 2023 04:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3155
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79415cb4dfe2b51d-OSL
12832.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12832.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71 200 OK 8.9 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 06:31:13 GMT
Ali-Swift-Global-Savetime: 1675492273
Via: cache8.l2de2[315,315,200-0,M], cache8.l2de2[316,0], cache4.se1[338,338,200-0,M], cache4.se1[339,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816754922731537721e
12832.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71 200 OK 799 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130 200 OK 2.2 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5410), with no line terminators
Hash 4c7a9131cf1e27fa0c312b38e6a1e5f5
597dc5bce140d1a525b2f322006618751d021704
27d88b860c6bdc7cfab4a0bc7cb3f8b08be877b4124e9f2d61580a54a64dc371
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2207
Connection: keep-alive
Cache-Control: max-age=14400
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 10:31:13 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c2022dedf48337e7-143
Server: yunjiasu
12832.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71 200 OK 7.6 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.206 301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache2.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9616754922735922872e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3dcf364a98ec525459de31da9ef17294
1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93
c5d1b7bb1ab9ead9d1274e898a83e0b153b002a003345b6b36f08f71357110c7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 06:02:26 GMT
last-modified: Sat, 04 Feb 2023 04:54:58 GMT
expires: Sat, 11 Feb 2023 04:54:57 GMT
etag: "1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93"
cache-control: max-age=600332,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
cf-ray: 7941328e6b98372c-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675490546
via: cache2.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[0,0], cache5.se1[3,0]
age: 1727
x-cache: HIT TCP_MEM_HIT dirn:9:1196935987
x-swift-savetime: Sat, 04 Feb 2023 06:10:56 GMT
x-swift-cachetime: 1290
timing-allow-origin: *, *
eagleid: 2ff62c9916754922736356250e, 2ff62c9916754922736356250e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3dcf364a98ec525459de31da9ef17294
1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93
c5d1b7bb1ab9ead9d1274e898a83e0b153b002a003345b6b36f08f71357110c7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 06:02:26 GMT
last-modified: Sat, 04 Feb 2023 04:54:58 GMT
expires: Sat, 11 Feb 2023 04:54:57 GMT
etag: "1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93"
cache-control: max-age=600332,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
cf-ray: 7941328e6b98372c-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675490546
via: cache2.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0], cache3.se1[3,0]
age: 1727
x-cache: HIT TCP_MEM_HIT dirn:2:1383945148
x-swift-savetime: Sat, 04 Feb 2023 06:28:08 GMT
x-swift-cachetime: 258
timing-allow-origin: *, *
eagleid: 2ff62c9716754922736337970e, 2ff62c9716754922736337970e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3dcf364a98ec525459de31da9ef17294
1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93
c5d1b7bb1ab9ead9d1274e898a83e0b153b002a003345b6b36f08f71357110c7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 06:02:26 GMT
last-modified: Sat, 04 Feb 2023 04:54:58 GMT
expires: Sat, 11 Feb 2023 04:54:57 GMT
etag: "1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93"
cache-control: max-age=600332,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
cf-ray: 7941328e6b98372c-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675490546
via: cache2.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0], cache1.se1[3,0]
age: 1727
x-cache: HIT TCP_MEM_HIT dirn:2:1383945148
x-swift-savetime: Sat, 04 Feb 2023 06:28:08 GMT
x-swift-cachetime: 258
timing-allow-origin: *, *
eagleid: 2ff62c9516754922736341975e, 2ff62c9516754922736341975e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3dcf364a98ec525459de31da9ef17294
1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93
c5d1b7bb1ab9ead9d1274e898a83e0b153b002a003345b6b36f08f71357110c7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 06:02:26 GMT
last-modified: Sat, 04 Feb 2023 04:54:58 GMT
expires: Sat, 11 Feb 2023 04:54:57 GMT
etag: "1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93"
cache-control: max-age=600332,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
cf-ray: 7941328e6b98372c-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675490546
via: cache2.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0], cache8.se1[3,0]
age: 1727
x-cache: HIT TCP_MEM_HIT dirn:2:1383945148
x-swift-savetime: Sat, 04 Feb 2023 06:28:08 GMT
x-swift-cachetime: 258
timing-allow-origin: *, *
eagleid: 2ff62c9c16754922736317577e, 2ff62c9c16754922736317577e
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Sat, 04 Feb 2023 07:59:40 GMT
Date: Sat, 04 Feb 2023 06:31:13 GMT
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 06:31:13 GMT
Ali-Swift-Global-Savetime: 1675492273
Via: cache26.l2de2[469,469,200-0,M], cache26.l2de2[470,0], cache7.se1[490,490,200-0,M], cache7.se1[491,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16754922732152827e
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
180.101.198.211 200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3BDCDCF3936A08917
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 43
ali-swift-global-savetime: 1675307171
via: cache36.l2cn3055[57,57,200-0,M], cache30.l2cn3055[58,0], vcache5.cn4732[0,1,200-0,H], vcache22.cn4732[2,0]
age: 185102
x-cache: HIT TCP_HIT dirn:9:196091996
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62a16754922736468561e
X-Firefox-Spdy: h2
12832.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71 200 OK 741 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71 200 OK 577 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img4.duote.com/duoteimg/js/baidu_js_push.js
180.101.198.211 200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Tue, 03 Jan 2023 12:52:52 GMT
x-oss-request-id: 63B42524A2FF263437FD44EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 6
ali-swift-global-savetime: 1672750372
via: cache41.l2cn3055[0,0,200-0,H], cache65.l2cn3055[1,0], vcache24.cn4732[0,0,200-0,H], vcache22.cn4732[1,0]
age: 2741901
x-cache: HIT TCP_MEM_HIT dirn:9:136430831
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 12995201
timing-allow-origin: *
eagleid: b465c62a16754922736968679e
X-Firefox-Spdy: h2
12832.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71 200 OK 1.4 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
180.97.251.250 200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 05:36:54 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 05:36:54 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675489014
via: cache6.l2ea120-8[58,57,200-0,M], cache75.l2ea120-8[58,0], cache9.cn2205[0,0,200-0,H], cache13.cn2205[1,0]
age: 3259
x-cache: HIT TCP_MEM_HIT dirn:12:746971774
x-swift-savetime: Sat, 04 Feb 2023 05:36:54 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb2916754922737055523e
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:31:13 GMT
Connection: keep-alive
12832.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71 200 OK 592 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:31:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:31:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:31:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:31:13 GMT
Connection: keep-alive
img4.duote.com/duoteimg/js/front_ad.js
180.101.198.211 200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Mon, 30 Jan 2023 14:45:14 GMT
x-oss-request-id: 63D7D7FA375B533033D1ED45
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1675089914
via: cache29.l2cn2641[0,0,200-0,H], cache20.l2cn2641[1,0], vcache2.cn4732[0,0,200-0,H], vcache22.cn4732[1,0]
age: 402359
x-cache: HIT TCP_HIT dirn:11:22325687
x-swift-savetime: Fri, 03 Feb 2023 10:18:49 GMT
x-swift-cachetime: 15222385
timing-allow-origin: *
eagleid: b465c62a16754922737518772e
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 29863
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12832.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 30040
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 29594
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 30154
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
180.101.198.211 200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 03:08:25 GMT
vary: Accept-Encoding
x-oss-request-id: 634F6A297AA92E33352FF6B9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 29
content-encoding: gzip
ali-swift-global-savetime: 1666148905
via: cache25.l2cn3047[0,0,200-0,H], cache49.l2cn3047[1,0], vcache10.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 9343368
x-cache: HIT TCP_HIT dirn:11:361348434
x-swift-savetime: Wed, 19 Oct 2022 04:31:53 GMT
x-swift-cachetime: 15546992
timing-allow-origin: *
eagleid: b465c62a16754922737718806e
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 30052
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
union2.50bang.org/js/duoteall
180.101.190.124 200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash bdef8be081a7be7c85662f6a5fadfa2f
a0b70bf9923979beca058eef7a0de7b102cf4395
e9dca5c5e939dc3da394d2bd58a2a169bcf8f8e30a523b316044fd3dbbe3d39e
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Length: 370
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 31389
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
222.186.17.193 404 Not Found 548 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 222.186.17.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 548
date: Sat, 04 Feb 2023 06:31:13 GMT
ali-swift-global-savetime: 1675492273
via: cache48.l2cn3037[0,0,404-0,H], cache23.l2cn3037[1,0], cache23.l2cn3037[1,0], ens-vcache18.cn5274[6,6,404-1280,M], ens-vcache4.cn5274[7,0]
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 06:31:13 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: deba119716754922737964118e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
180.101.198.211 200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Tue, 03 Jan 2023 08:39:42 GMT
x-oss-request-id: 63B3E9CEF01BDA30320260CE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "4C7F46FF62D37B2CC7456F8F9EB96611"
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
vary: Accept-Encoding
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 22
content-encoding: gzip
ali-swift-global-savetime: 1672735182
via: cache7.l2cn3055[0,19,200-0,H], cache51.l2cn3055[23,0], vcache27.cn4732[0,0,200-0,H], vcache22.cn4732[6,0]
age: 2757091
x-cache: HIT TCP_MEM_HIT dirn:9:20475925
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 12980011
timing-allow-origin: *
eagleid: b465c62a16754922738658986e
X-Firefox-Spdy: h2
static.mediav.com/js/mvf_g2.js
101.198.192.8 200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Sat, 04 Feb 2023 11:31:14 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
12832.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71 200 OK 63 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12832.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71 200 OK 738 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Sat, 04 Feb 2023 18:31:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/uploads/images/548356.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/548356.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/548356.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
static.mediav.com/js/mvf_pm_slider.js
101.198.192.8 200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Sat, 04 Feb 2023 11:31:14 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
12832.url.tudown.com/uploads/images/logo.png?n=4w32fzvzs3s3raxfswdornfy4653jzf7v3t2xgi&w=250
154.218.151.71 200 OK 3.7 kB URL HTTP/1.1 12832.url.tudown.com/uploads/images/logo.png?n=4w32fzvzs3s3raxfswdornfy4653jzf7v3t2xgi&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 21d6e44ab06bf6e7017f6ac85b1872c9
eb3b2d8a7dd1ecb1d27123020231598cf071eec3
a74a2dc89dd579646732405b61fdf37609edfc4ba181e27baf55090935e0d095
GET /uploads/images/logo.png?n=4w32fzvzs3s3raxfswdornfy4653jzf7v3t2xgi&w=250 HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12832.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71 200 OK 80 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:13 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Sat, 04 Feb 2023 18:31:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12832.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
12832.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
12832.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
12832.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
bdcode.2345.com/awycyrm.js
42.81.8.130 200 OK 38 kB URL HTTP/1.1 bdcode.2345.com/awycyrm.js
IP 42.81.8.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 5fbb10e03d1f57d1cc8b11f6733f05e9
6c5795f7e16e68be43e5416cf63e509a6caa58b8
550493b918a5548592ae1a76018c938f3ff7e9f64fe5af1dfcf91839e7270bd8
Analyzer Verdict Alert fortinet Malware
GET /awycyrm.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38255
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 07:31:14 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c2022df5f48437e7-143
Server: yunjiasu
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
58.215.47.196 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Tue, 03 Jan 2023 11:51:50 GMT
x-oss-request-id: 63B416D62B654B3335D3555D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 135
ali-swift-global-savetime: 1672746710
via: cache4.l2cn3055[0,0,200-0,H], cache55.l2cn3055[1,0], vcache10.cn4730[0,0,200-0,H], vcache17.cn4730[1,0]
age: 2745564
x-cache: HIT TCP_HIT dirn:10:171407477
x-swift-savetime: Thu, 02 Feb 2023 03:08:04 GMT
x-swift-cachetime: 12991426
timing-allow-origin: *
eagleid: 3ad72f2516754922744868691e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
58.215.47.196 200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,304-0,H], cache45.l2cn3037[1,0], vcache24.cn4730[0,0,200-0,H], vcache17.cn4730[1,0]
age: 4851752
x-cache: HIT TCP_HIT dirn:9:326094677
x-swift-savetime: Sat, 10 Dec 2022 03:12:06 GMT
x-swift-cachetime: 15550596
timing-allow-origin: *
eagleid: 3ad72f2516754922744868692e
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash eceaa87d9a3316ee0dcad3fa5f444ee7
74afece1d64ad7c63136ffcd5d58ad1d15a764df
fb586a5f0f8968e29212268bb4bd746eae9cc20b4eda7fc41f1420482c74b3b9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 06:28:09 GMT
last-modified: Thu, 02 Feb 2023 04:39:52 GMT
expires: Thu, 09 Feb 2023 04:39:51 GMT
etag: "74afece1d64ad7c63136ffcd5d58ad1d15a764df"
cache-control: max-age=597701,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794158379be9377c-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675492089
via: cache9.l2de2[30,29,304-0,M], cache2.l2de2[31,0], cache8.se1[0,0,200-0,H], cache5.se1[1,0], cache5.se1[2,0]
age: 185
x-cache: HIT TCP_MEM_HIT dirn:1:97856521
x-swift-savetime: Sat, 04 Feb 2023 06:28:09 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9916754922746376918e, 2ff62c9916754922746376918e
12832.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash c45b5d23d78c603a4f679957cc907c55
c0c6131e462224b19bf52c269ffda26be7dcc3ce
7acbb574f2c3ce64da98b8bf9e8af19ba063535e4cbf9fadaf803c34381178dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:09:39 GMT
ETag: "c0c6131e462224b19bf52c269ffda26be7dcc3ce"
Last-Modified: Sat, 04 Feb 2023 04:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1173
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79415cbd2d37b51e-OSL
12832.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
12832.url.tudown.com/uploads/images/487655.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/487655.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/487655.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
58.215.47.196 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3DFFFCE35347F52A3
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 88
ali-swift-global-savetime: 1675307171
via: cache5.l2cn3055[0,0,200-0,H], cache65.l2cn3055[2,0], vcache3.cn4730[0,0,200-0,H], vcache17.cn4730[3,0]
age: 185103
x-cache: HIT TCP_HIT dirn:11:185880632
x-swift-savetime: Thu, 02 Feb 2023 03:07:59 GMT
x-swift-cachetime: 15551892
timing-allow-origin: *
eagleid: 3ad72f2516754922747468922e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
58.215.47.196 200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A39A01B13931D7DCBD
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 156
ali-swift-global-savetime: 1675307171
via: cache63.l2cn3055[0,0,200-0,H], cache8.l2cn3055[2,0], vcache8.cn4730[0,0,200-0,H], vcache17.cn4730[3,0]
age: 185103
x-cache: HIT TCP_HIT dirn:9:137980682
x-swift-savetime: Thu, 02 Feb 2023 03:08:09 GMT
x-swift-cachetime: 15551882
timing-allow-origin: *
eagleid: 3ad72f2516754922747468921e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
58.215.47.196 200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3F1D5B233305BE7E5
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 127
ali-swift-global-savetime: 1675307171
via: cache51.l2cn3055[0,0,200-0,H], cache14.l2cn3055[1,0], vcache13.cn4730[0,0,200-0,H], vcache17.cn4730[3,0]
age: 185103
x-cache: HIT TCP_HIT dirn:10:306174331
x-swift-savetime: Thu, 02 Feb 2023 03:08:08 GMT
x-swift-cachetime: 15551883
timing-allow-origin: *
eagleid: 3ad72f2516754922747468923e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
58.215.47.196 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3EE37C83934296313
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 101
ali-swift-global-savetime: 1675307171
via: cache51.l2cn3055[0,0,200-0,H], cache5.l2cn3055[1,0], vcache22.cn4730[0,0,200-0,H], vcache17.cn4730[4,0]
age: 185103
x-cache: HIT TCP_HIT dirn:10:225089549
x-swift-savetime: Thu, 02 Feb 2023 03:08:37 GMT
x-swift-cachetime: 15551854
timing-allow-origin: *
eagleid: 3ad72f2516754922747468924e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
58.215.47.196 200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3E3631F36348B9DE4
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 88
ali-swift-global-savetime: 1675307171
via: cache25.l2cn3055[0,0,200-0,H], cache35.l2cn3055[2,0], vcache23.cn4730[0,0,200-0,H], vcache17.cn4730[4,0]
age: 185103
x-cache: HIT TCP_HIT dirn:10:136696048
x-swift-savetime: Thu, 02 Feb 2023 03:08:45 GMT
x-swift-cachetime: 15551846
timing-allow-origin: *
eagleid: 3ad72f2516754922747468926e
X-Firefox-Spdy: h2
12832.url.tudown.com/common/ipnotice/
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12832.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash d7962dd3768427149f1a1c5239378dbb
7f11eb8c3c1fd1441a18314f709a059925b9f625
cc89a28b9d9e4021638c1d4b3653316d9d9f56e95c8c43dfeb72aebe11c4ce34
GET /common/ipnotice/ HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12832.url.tudown.com/uploads/images/930654.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/930654.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/930654.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2882475593,845134162&fm=253&app=120&f=JPEG?w=720&h=1280
12832.url.tudown.com/uploads/images/196116.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/196116.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/196116.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3713182546,4167173536&fm=253&fmt=auto?w=1280&h=800
12832.url.tudown.com/uploads/images/312952.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/312952.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/312952.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3221891901,1445256300&fm=224&app=112&f=JPEG?w=500&h=500
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
58.215.47.196 200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3AEF36B303982E532
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 72
ali-swift-global-savetime: 1675307171
via: cache12.l2cn3055[0,0,200-0,H], cache59.l2cn3055[1,0], vcache19.cn4730[0,0,200-0,H], vcache17.cn4730[4,0]
age: 185103
x-cache: HIT TCP_HIT dirn:9:87652474
x-swift-savetime: Thu, 02 Feb 2023 03:08:42 GMT
x-swift-cachetime: 15551849
timing-allow-origin: *
eagleid: 3ad72f2516754922747468925e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
58.215.47.196 200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Fri, 03 Feb 2023 01:07:51 GMT
x-oss-request-id: 63DC5E67C0503936329731E6
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 97
ali-swift-global-savetime: 1675386471
via: cache16.l2cn2635[0,0,200-0,H], cache54.l2cn2635[1,0], vcache7.cn4730[0,0,200-0,H], vcache17.cn4730[4,0]
age: 105803
x-cache: HIT TCP_HIT dirn:9:306531595
x-swift-savetime: Fri, 03 Feb 2023 02:43:19 GMT
x-swift-cachetime: 15546272
timing-allow-origin: *
eagleid: 3ad72f2516754922747468928e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
58.215.47.196 200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Wed, 04 Jan 2023 12:19:30 GMT
x-oss-request-id: 63B56ED2565BBE303154AA8D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 68
ali-swift-global-savetime: 1672834770
via: cache16.l2cn3055[0,0,200-0,H], cache41.l2cn3055[1,0], vcache4.cn4730[0,0,200-0,H], vcache17.cn4730[4,0]
age: 2657504
x-cache: HIT TCP_HIT dirn:10:164606086
x-swift-savetime: Thu, 02 Feb 2023 03:08:23 GMT
x-swift-cachetime: 13079467
timing-allow-origin: *
eagleid: 3ad72f2516754922747468929e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
58.215.47.196 200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Tue, 03 Jan 2023 14:51:52 GMT
x-oss-request-id: 63B44108DA57CC3430E71280
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 80
ali-swift-global-savetime: 1672757512
via: cache79.l2cn3055[0,0,200-0,H], cache73.l2cn3055[2,0], vcache27.cn4730[0,0,200-0,H], vcache17.cn4730[5,0]
age: 2734762
x-cache: HIT TCP_HIT dirn:10:376752577
x-swift-savetime: Thu, 02 Feb 2023 03:08:32 GMT
x-swift-cachetime: 13002200
timing-allow-origin: *
eagleid: 3ad72f2516754922747468927e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
58.215.47.196 200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 58.215.47.196:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3C428EB3630F276FE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 117
ali-swift-global-savetime: 1675307171
via: cache12.l2cn3055[0,0,200-0,H], cache41.l2cn3055[1,0], vcache4.cn4730[0,0,200-0,H], vcache17.cn4730[5,0]
age: 185103
x-cache: HIT TCP_HIT dirn:9:7497928
x-swift-savetime: Thu, 02 Feb 2023 03:08:29 GMT
x-swift-cachetime: 15551862
timing-allow-origin: *
eagleid: 3ad72f2516754922747468931e
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/801488.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/801488.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/801488.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2921310266,2802470687&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
222.186.17.193 404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 222.186.17.193:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Sat, 04 Feb 2023 06:31:15 GMT
ali-swift-global-savetime: 1675492275
via: cache48.l2cn3037[13,13,404-1280,M], cache79.l2cn3037[14,0], cache79.l2cn3037[15,0], ens-vcache18.cn5274[20,19,404-1280,M], ens-vcache4.cn5274[21,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 06:31:15 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: deba119716754922750375458e
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/52156.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/52156.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/52156.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=140611779,2383675196&fm=253&app=138&f=JPEG?w=800&h=500
12832.url.tudown.com/uploads/images/551369.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/551369.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/551369.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3195811037,3491461831&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/794617.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/794617.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/794617.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
12832.url.tudown.com/uploads/images/143040.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/143040.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/143040.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2565247011,4162103496&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48 200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 06 Feb 2023 08:39:29 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 78705
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: QjineMlAXhLG/PlsgM2X2uIKfsWp+HP3QbCjboYwAHuzbGpANStpwGzjEZ4OyAmfwap44giGyP+88Edrq3Apag==
x-bce-request-id: d5b3c661-6c66-459a-82f5-aba26c1b2d8f
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 08:39:29 GMT
Ohc-Cache-HIT: wz2ct52 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
12832.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
union2.50bang.org/web/duoteall?uId2=OUTSSURMUR&r=&fBL=1280*1024
180.101.190.124 200 OK 0 B URL HTTP/1.1 union2.50bang.org/web/duoteall?uId2=OUTSSURMUR&r=&fBL=1280*1024
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/duoteall?uId2=OUTSSURMUR&r=&fBL=1280*1024 HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uidFlag=1; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
Set-Cookie: uUid=E49163DDFBB30004FFB27EAE0006; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
Set-Cookie: uHTL=1; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Set-Cookie: uHTT=1675492275; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Length: 0
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
58.216.13.241 200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 58.216.13.241:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:52 GMT
x-oss-request-id: 63B54CB0F7910630375930C3
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 12
Ali-Swift-Global-Savetime: 1672826032
Via: cache38.l2cn1816[0,0,200-0,H], cache6.l2cn1816[1,0], vcache18.cn3841[0,0,200-0,H], vcache26.cn3841[7,0]
Age: 2666243
X-Cache: HIT TCP_MEM_HIT dirn:0:420922082
X-Swift-SaveTime: Sat, 14 Jan 2023 09:54:51 GMT
X-Swift-CacheTime: 14687941
Timing-Allow-Origin: *
EagleId: 3ad80dae16754922750678494e
12832.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12832.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35 200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:10:44 GMT
Last-Modified: Wed, 31 Aug 2022 02:55:38 GMT
ETag: "630ecdaa-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 1231
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 06:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [1]
Ohc-File-Size: 191
X-Cache-Status: HIT
12832.url.tudown.com/uploads/images/135352.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/135352.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/135352.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3656983722,4047756460&fm=253&fmt=auto?w=1280&h=800
12832.url.tudown.com/uploads/images/79832.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/79832.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/79832.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1970894975,957836162&fm=253&fmt=auto?w=1280&h=800
12832.url.tudown.com/uploads/images/33857.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/33857.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/33857.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12832.url.tudown.com/uploads/images/775159.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/775159.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/775159.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
12832.url.tudown.com/uploads/images/774343.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/774343.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/774343.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2280320549,3086157439&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=281
push.zhanzhang.baidu.com/push.js
182.61.240.101 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 06:31:15 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 06:31:15 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AC24B4D6EF745059BF97739EBF9CE180:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 06:31:15 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12832.url.tudown.com/uploads/images/697827.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/697827.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/697827.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3375981963,1305208771&fm=253&app=120&f=JPEG?w=1280&h=800
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=63579822&s2=1569713301&ltu=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&dc=3&ti=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675492309&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675492309&dtm=HTML_POST&tpr=1675492309013&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=48ba86da38c7a772&dft=0&ft=1
182.61.200.109 200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=63579822&s2=1569713301&ltu=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&dc=3&ti=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675492309&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675492309&dtm=HTML_POST&tpr=1675492309013&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=48ba86da38c7a772&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7683)
Hash 5b86d51fd23407ebbc040b9b70bab5b1
5445552a8fcb3f219b40ffebb2f85f4c01f619be
3bb4fbeab719fa7c7f9bcaf7691ad374f1a1651779cffb7272e9da36949b7a44
GET /s?wid=910&hei=120&di=u4965894&s1=63579822&s2=1569713301&ltu=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&dc=3&ti=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675492309&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675492309&dtm=HTML_POST&tpr=1675492309013&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=48ba86da38c7a772&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 04 Feb 2023 06:31:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 14:31:15 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=8ECADBF804513025F04CF89A0699D00C:FG=1; expires=Sun, 04-Feb-54 06:31:15 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13011
X-Firefox-Spdy: h2
bdcode.2345.com/swtqusc.js
42.81.8.130 200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/swtqusc.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer: fortinet; Verdict: Malware (no Alert value listed)
GET /swtqusc.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 07:31:15 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c2022e05f48a37e7-143
Server: yunjiasu
img0.baidu.com/it/u=2921310266,2802470687&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
118.180.40.35 200 OK 21 kB URL HTTP/2 img0.baidu.com/it/u=2921310266,2802470687&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc1083ae7321b43eb0f72d6108062b6d
4f5b8c2deb3051bd89f4092e19d1f096b34da680
ba315bfad90673eb017d8a76a6d596a1c5cee2eacda757695bb4c8bf83723bfe
GET /it/u=2921310266,2802470687&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:15 GMT
content-type: image/webp
content-length: 20672
expires: Fri, 17 Feb 2023 12:25:10 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: bc1083ae7321b43eb0f72d6108062b6d
age: 528638
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 12:25:10 GMT
ohc-cache-hit: lz5ct69 [4], czix159 [2]
ohc-file-size: 20672
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/36505.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/36505.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/36505.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=750797028,2594088978&fm=253&fmt=auto&app=120&f=PNG?w=1233&h=597
12832.url.tudown.com/uploads/images/669201.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/669201.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/669201.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
12832.url.tudown.com/uploads/images/491404.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/491404.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/491404.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:15 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500
12832.url.tudown.com/uploads/images/339695.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/339695.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/339695.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800
12832.url.tudown.com/uploads/images/896899.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/896899.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/896899.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1837533916,525033123&fm=253&app=138&f=JPEG?w=500&h=281
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=4210610167&s2=1725167765&ltu=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&dc=3&ti=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675492309&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675492309&dtm=HTML_POST&tpr=1675492309013&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=48ba86da38c7a772&dft=0&ft=1
182.61.200.109 200 OK 15 kB URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=4210610167&s2=1725167765&ltu=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&dc=3&ti=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675492309&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675492309&dtm=HTML_POST&tpr=1675492309013&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=48ba86da38c7a772&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41973)
Hash 05b9e44c80ecd3d3bd08712f8b60f9e8
0a5418204e88e46a5449b0e85a46c40efaf873fc
c76a8d3839a44f6a5446453ab24fa4c0100873f14ae1b2194647de8bd35d77bf
GET /s?wid=890&hei=200&di=u5039524&s1=4210610167&s2=1725167765&ltu=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&dc=3&ti=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675492309&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675492309&dtm=HTML_POST&tpr=1675492309013&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=48ba86da38c7a772&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 04 Feb 2023 06:31:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 14:31:15 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=8ECADBF804513025445A184FA754744D:FG=1; expires=Sun, 04-Feb-54 06:31:15 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14982
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
118.180.40.35 200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 822x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0539f514f7dd077a886dbd1fccf15f3e
59ec712c81b6e65417a2b74e404267476a04e0c6
b9f77c7c50bfbbe21c67c2dbe08e2b6f6b9f813a25fa1968f594106938027da3
GET /it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 45166
expires: Sun, 12 Feb 2023 12:52:58 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0539f514f7dd077a886dbd1fccf15f3e
age: 146191
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 12:52:58 GMT
ohc-cache-hit: lz5ct67 [4], wzix57 [2]
ohc-file-size: 45166
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/740845.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/740845.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/740845.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/239922.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/239922.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/239922.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3686348871,933785255&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/629403.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/629403.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/629403.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1583446527,1135736080&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&lt=1675492310&rnd=1638079903&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=24500&r=0&ww=1280&u=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&tt=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&lt=1675492310&rnd=1638079903&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=24500&r=0&ww=1280&u=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&tt=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&lt=1675492310&rnd=1638079903&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=24500&r=0&ww=1280&u=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&tt=%E6%8E%8C%E8%81%8A%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:31:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D8B451B016B6807D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12832.url.tudown.com/uploads/images/351381.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/351381.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/351381.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=835259009,2249229635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
12832.url.tudown.com/uploads/images/284400.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/284400.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/284400.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3860430014,3351586022&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
12832.url.tudown.com/uploads/images/959267.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/959267.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/959267.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=83730747,212992226&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12832.url.tudown.com/uploads/images/389592.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/389592.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/389592.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-27288922a87ffb5a1db7abd4c3a218f65901abc2&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&t=1675492309981&r=init
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-27288922a87ffb5a1db7abd4c3a218f65901abc2&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&t=1675492309981&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-27288922a87ffb5a1db7abd4c3a218f65901abc2&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&t=1675492309981&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 04 Feb 2023 06:31:16 GMT
content-length: 0
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1837533916,525033123&fm=253&app=138&f=JPEG?w=500&h=281
182.140.225.35 200 OK 33 kB URL HTTP/1.1 img1.baidu.com/it/u=1837533916,525033123&fm=253&app=138&f=JPEG?w=500&h=281
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash e712fdc6d9bc47e9c2916a6946916229
f1114dd59937bdf1d5af739a3743553fc2eb1ed1
107cfec2a3e86bbf595e685ebb1298bc34578b36da91a1fd480acfa7018cc9ac
GET /it/u=1837533916,525033123&fm=253&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 33373
Connection: keep-alive
Expires: Thu, 09 Feb 2023 14:06:20 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: e712fdc6d9bc47e9c2916a6946916229
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 14:06:20 GMT
Ohc-Cache-HIT: cd5ct72 [1], xaix72 [4]
Ohc-File-Size: 33373
X-Cache-Status: MISS
sofire.baidu.com/h5/e/8800
36.110.192.156 204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12832.url.tudown.com/
Origin: http://12832.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12832.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Sat, 04 Feb 2023 06:31:16 GMT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156 204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12832.url.tudown.com/
Origin: http://12832.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12832.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Sat, 04 Feb 2023 06:31:16 GMT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/469817.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/469817.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/469817.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3163285871,2888724380&fm=253&app=120&f=JPEG?w=1280&h=800
12832.url.tudown.com/uploads/images/523335.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/523335.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/523335.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1132929413,3851671781&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
img2.baidu.com/it/u=750797028,2594088978&fm=253&fmt=auto&app=120&f=PNG?w=1233&h=597
118.180.40.35 200 OK 178 kB URL HTTP/2 img2.baidu.com/it/u=750797028,2594088978&fm=253&fmt=auto&app=120&f=PNG?w=1233&h=597
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1233x597, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 178 kB (178296 bytes)
Hash b3c14982fad5419b8c3c38748658204a
d8132912628b6596a91dff3488d396afaeb586f3
9fc1de95951688d19a83c15b2a92f22a30b89ba1f597d0f15baa9aec54e161d4
GET /it/u=750797028,2594088978&fm=253&fmt=auto&app=120&f=PNG?w=1233&h=597 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 178296
expires: Fri, 03 Mar 2023 13:11:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b3c14982fad5419b8c3c38748658204a
age: 174073
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 13:11:58 GMT
ohc-cache-hit: lz5ct78 [4], czix194 [3]
ohc-file-size: 178296
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
118.180.40.35 200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01cb6987a2f88b4bf4fb15676211d00e
579b6354038f75378ac114a87d8feabdbc673f8a
85c2cafdafea1c7b5d02c3a0a716d3e4e556b870da735f871afdcc15b9c28301
GET /it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 31924
expires: Sat, 18 Feb 2023 12:38:04 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 01cb6987a2f88b4bf4fb15676211d00e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 12:38:04 GMT
ohc-cache-hit: lz5ct66 [1], czix66 [2]
ohc-file-size: 31924
x-cache-status: MISS
X-Firefox-Spdy: h2
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130 200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Sat, 04 Feb 2023 06:31:16 GMT
etag: W/"616d5f72-850"
expires: Sat, 04 Feb 2023 07:31:16 GMT
last-modified: Mon, 18 Oct 2021 11:50:10 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c2022e0ec28437e0-143
content-length: 783
X-Firefox-Spdy: h2
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.211 200 OK 60 kB URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.211:0
Hash 5d67bb390cf1cd93f700599db8d8e31f
eb1e93be3b848c28ea2d7769b933d6952928b02f
e9fe33228eb1eb218f8510fbec435c350d3a0a9836f5422bd77351719fb57465
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Sat, 04 Feb 2023 06:03:34 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1675490614
via: cache59.l2cn3037[32,31,304-0,M], cache31.l2cn3037[33,0], cache31.l2cn3037[33,0], vcache20.cn4733[0,0,200-0,H], vcache26.cn4733[1,0]
age: 1660
x-cache: HIT TCP_MEM_HIT dirn:10:456437127
x-swift-savetime: Sat, 04 Feb 2023 06:03:34 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c72e16754922741691032e
content-encoding: gzip
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/938541.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/938541.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/938541.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=370767981,3306591017&fm=253&app=120&f=JPEG?w=1280&h=800
12832.url.tudown.com/uploads/images/480145.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/480145.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/480145.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=586969395,4144135564&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500
118.180.40.35 200 OK 77 kB URL HTTP/2 img0.baidu.com/it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e5f2efadad29345a354ae1b23c0673a4
217914cc5c701733b6b25c50af4ae6a5a5a4ed2d
2ebdbc78d5259ebf52a0a827b6737746a9d0f1ec4cb297a31b5fb71fe8063084
GET /it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 77244
expires: Mon, 20 Feb 2023 07:11:01 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: e5f2efadad29345a354ae1b23c0673a4
age: 72028
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:11:01 GMT
ohc-cache-hit: lz5ct73 [4], bdix73 [4]
ohc-file-size: 77244
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1583446527,1135736080&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
118.180.40.35 200 OK 8.4 kB URL HTTP/2 img2.baidu.com/it/u=1583446527,1135736080&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b183df2edcaf19d28dd1088e5acd89dc
af47edc29fd5f8640b68a8823de61f1e2d2c7c28
98143f96f8bb80c419f623026a6c8e0934d99aa6030484241ead67a789c4ce0a
GET /it/u=1583446527,1135736080&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 8368
expires: Tue, 07 Feb 2023 13:58:40 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: b183df2edcaf19d28dd1088e5acd89dc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 13:58:40 GMT
ohc-cache-hit: lz5ct55 [1], wzix88 [4]
ohc-file-size: 8368
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/522886.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/522886.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/522886.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
img0.baidu.com/it/u=835259009,2249229635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
118.180.40.35 200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=835259009,2249229635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x754, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d7bdeef240e37b138a1ea01bf480cde
5622350480d395aabe98dc1aa8086900abf8c69f
7e59a0a4d075b1c26028806762414621ae4798bdadc97b08c102b48179b4435c
GET /it/u=835259009,2249229635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 26062
expires: Sat, 25 Feb 2023 11:12:16 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2d7bdeef240e37b138a1ea01bf480cde
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 11:12:16 GMT
ohc-cache-hit: lz5ct52 [1], czix147 [4]
ohc-file-size: 26062
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
118.180.40.35 200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x337, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2efc2110541ccf212976248eacfc744a
6dd4db7ec40fac2ebe7fa6297ccb2acd29f40cca
12ac2bb2332ba32de68b287f7d6c305888467627ce5d927072b237384cffc2e5
GET /it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 17112
expires: Sun, 05 Feb 2023 04:46:20 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 2efc2110541ccf212976248eacfc744a
age: 360895
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 04:46:20 GMT
ohc-cache-hit: lz5ct77 [4], suzix185 [4]
ohc-file-size: 17112
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3860430014,3351586022&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
118.180.40.35 200 OK 7.5 kB URL HTTP/2 img2.baidu.com/it/u=3860430014,3351586022&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c6a3362e8fdf5e375fcd6660de471781
864f31e333bb4110c8501a13c9d4daaf629bc60f
e20953e1bf4905f349c3359696337550a3c269e44f323722f6f4d61de32c01aa
GET /it/u=3860430014,3351586022&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 7542
expires: Sun, 19 Feb 2023 05:42:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c6a3362e8fdf5e375fcd6660de471781
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 05:42:51 GMT
ohc-cache-hit: lz5ct60 [1], bdix100 [4]
ohc-file-size: 7542
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3375981963,1305208771&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 101 kB URL HTTP/1.1 img0.baidu.com/it/u=3375981963,1305208771&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 101 kB (100607 bytes)
Hash 266ed56a288fab809dcde382c3539994
8bbf2c5b7156cff1a3124efce243456fa23d94ff
72d36511069b5bb961d6d06554836689575e01a3a754b1ad629051d2eb884fc2
GET /it/u=3375981963,1305208771&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 100607
Connection: keep-alive
Expires: Fri, 03 Mar 2023 08:51:50 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 266ed56a288fab809dcde382c3539994
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 08:51:50 GMT
Ohc-Cache-HIT: ntct50 [1], xaix207 [4]
Ohc-File-Size: 100607
X-Cache-Status: MISS
t13.baidu.com/it/u=3195811037,3491461831&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 61 kB URL HTTP/1.1 t13.baidu.com/it/u=3195811037,3491461831&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 555b47d06735946768ccfd40576bf83d
2d78141b78649c37770600d4d4134aa8fde68fbc
81e9401ae5b962e2c0af4684b089893bd4e4b11c5235ef8beeb0bcb65c9ec128
GET /it/u=3195811037,3491461831&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 60627
Connection: keep-alive
Expires: Mon, 06 Feb 2023 05:58:17 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 555b47d06735946768ccfd40576bf83d
Age: 315212
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 05:58:17 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache57 [1], qdix75 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 60627
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
182.140.225.35 200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3049dbfe7ea96d05d6d7c2026128dcf1
34aac4a8b7dd83d6684cf1ab6228e547be288d5b
e9dd027587b4c1fcaf0c6931a30402095924640d9d4f8d84df94a90ca04f3419
GET /it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:16 GMT
content-type: image/webp
content-length: 13460
expires: Sun, 19 Feb 2023 16:46:18 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3049dbfe7ea96d05d6d7c2026128dcf1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 16:46:18 GMT
ohc-cache-hit: cd5ct62 [1], xaix62 [2]
ohc-file-size: 13460
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 74 kB URL HTTP/1.1 t13.baidu.com/it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c40b5534cf55760c09bcc411a043fa70
4eb467c1527cbb739d4c696e539c10c085f1574b
05ad18e3801a1055257afa77b97f51bd3eb2436688c561a5539e4715b8a4ce97
GET /it/u=960818525,372298383&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 74313
Connection: keep-alive
Expires: Tue, 21 Feb 2023 03:36:08 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c40b5534cf55760c09bcc411a043fa70
Age: 1053175
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 03:36:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache56 [1], csix67 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 74313
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
119.96.52.35 200 OK 62 kB URL HTTP/1.1 img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 09e8e409ceeaf1fbcbd17d303a66265a
1d98edcf4cf77ee1ac9f591af1a6398d18466bf9
55b6464263efa42751a90c05c96b4ea0223175f8e937a655f24d09efa5e1fcb1
GET /it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 62081
Connection: keep-alive
Expires: Mon, 27 Feb 2023 01:43:13 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 09e8e409ceeaf1fbcbd17d303a66265a
Age: 63222
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 01:43:13 GMT
Ohc-Cache-HIT: wh4ct53 [4], czix206 [2]
Ohc-File-Size: 62081
X-Cache-Status: HIT
t14.baidu.com/it/u=586969395,4144135564&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 38 kB URL HTTP/1.1 t14.baidu.com/it/u=586969395,4144135564&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b9bbe2f8b7b090afff2779fec2ff49f9
6b48681f7c3ff4947d6ae5dbdb73d601843f98f3
464ca7d97a316e64787d0b1649655ccc68bf41335a8b888cd6a346a9ae476289
GET /it/u=586969395,4144135564&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 38392
Connection: keep-alive
Expires: Sat, 11 Feb 2023 08:50:05 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: b9bbe2f8b7b090afff2779fec2ff49f9
Age: 1853280
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 08:50:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache64 [1], bdix153 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38392
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=140611779,2383675196&fm=253&app=138&f=JPEG?w=800&h=500
182.140.225.35 200 OK 66 kB URL HTTP/1.1 img1.baidu.com/it/u=140611779,2383675196&fm=253&app=138&f=JPEG?w=800&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash ff3fe64102c3c7dad70f55d8af30855e
5b6b779da5a6266a915f36343677d24dd40757f5
efc2687319f78783e17803d0bb37f2f817f810b41cb47fef8fb06f3bdfdd0e8a
GET /it/u=140611779,2383675196&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 66380
Connection: keep-alive
Expires: Fri, 24 Feb 2023 04:35:26 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: ff3fe64102c3c7dad70f55d8af30855e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 04:35:26 GMT
Ohc-Cache-HIT: cd5ct69 [1], xiangyix69 [2]
Ohc-File-Size: 66380
X-Cache-Status: MISS
sofire.baidu.com/h5/t/8800
36.110.192.156 200 OK 591 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with very long lines (591), with no line terminators
Hash 08218cd8948a9b60d5575cda5704a073
870e570afbf41e0dc067c18c1442f6cdf77e267f
be73516d93d68bb91ca164206782a81ba3eb5afd2fa06145d873e98fca4beb47
POST /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
X-Bdh5-Pf: 1
Content-Length: 3458
Origin: http://12832.url.tudown.com
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12832.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Sat, 04 Feb 2023 06:31:16 GMT
content-length: 591
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/986444.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/986444.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/986444.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4174613724,339070530&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/577491.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/577491.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/577491.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1876149255,1285972971&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/4932.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/4932.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/4932.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3004007615,1461416234&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800
119.96.52.35 200 OK 145 kB URL HTTP/1.1 img2.baidu.com/it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", Exif Standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems \346\225\260\347\240\201\346\210\220\345\203\217, datetime=2015:12:26 19:43:56], baseline, precision 8, 1422x800, components 3\012- data
Size 145 kB (145338 bytes)
Hash e17eacaa97bf1c801a972c97ff645fcc
d3cd07e931d7ae002a1751327643f907bf586b87
104b1281acc4e3eb941653bf20d728c4cf94848849074210fdfcda579faaa60e
GET /it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 145338
Connection: keep-alive
Expires: Thu, 23 Feb 2023 06:44:12 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e17eacaa97bf1c801a972c97ff645fcc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 06:44:12 GMT
Ohc-Cache-HIT: wh4ct64 [2], suzix150 [4]
Ohc-File-Size: 145338
X-Cache-Status: MISS
t13.baidu.com/it/u=3686348871,933785255&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 60 kB URL HTTP/1.1 t13.baidu.com/it/u=3686348871,933785255&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f898752c7bc661659486d358f686b125
d58f5002ff4e15af51211f7513d97c62434473c0
82348e2842eb1262f8a7729bfc79393b12a9ccf39aadf57bfb9dcde0fb0f81ad
GET /it/u=3686348871,933785255&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 59597
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:17:57 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f898752c7bc661659486d358f686b125
Age: 1394708
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:17:57 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [1], bdix150 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59597
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1876149255,1285972971&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 28 kB URL HTTP/1.1 t14.baidu.com/it/u=1876149255,1285972971&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 32212c568f758e126702772062fa464c
465500358612e47076472f2ddd533a7d216fd6f2
59706bc1b640b63b6ed9e00f7f86c36738f44db910d1706f7071379658a21d6e
GET /it/u=1876149255,1285972971&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 27551
Connection: keep-alive
Expires: Wed, 22 Feb 2023 03:55:54 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 32212c568f758e126702772062fa464c
Age: 355066
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 03:55:54 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache64 [1], wzix64 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27551
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
118.180.40.35 200 OK 6.0 kB URL HTTP/2 img0.baidu.com/it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ab3a9d0b567a1a97df0fb910220e828
e24bf864980fcfe718260b4d1f26560f42641557
28797bee1ea4afba47a624759a4e1f880aaa1c994bcaddd4cdf2df278a6277c3
GET /it/u=1778137657,540860777&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 5990
expires: Sun, 19 Feb 2023 12:15:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 8ab3a9d0b567a1a97df0fb910220e828
age: 172057
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 12:15:31 GMT
ohc-cache-hit: lz5ct50 [4], czix203 [2]
ohc-file-size: 5990
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/884009.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/884009.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/884009.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
12832.url.tudown.com/uploads/images/574380.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/574380.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/574380.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=4022668850,1745216210&fm=253&fmt=auto?w=1280&h=800
api.share.baidu.com/s.gif?l=http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
182.61.201.94 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:31:17 GMT
img1.baidu.com/it/u=83730747,212992226&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
182.140.225.35 200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=83730747,212992226&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca8e1c06b7ee93eb00006f5a48448dff
c37728100c29671be42c763213f591a0830e4f38
29405e4af33a3de35e6c5e707410cdd9875cb99bd43865fbd9a6e8aa178643db
GET /it/u=83730747,212992226&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 23474
expires: Tue, 07 Feb 2023 14:56:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: ca8e1c06b7ee93eb00006f5a48448dff
age: 81809
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 14:56:48 GMT
ohc-cache-hit: cd5ct70 [4], csix92 [4]
ohc-file-size: 23474
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/985637.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/985637.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/985637.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=75961632,4077116808&fm=224&app=112&f=JPEG?w=500&h=500
cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
182.140.225.35 200 OK 4.5 kB URL HTTP/2 cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type PNG image data, 44 x 984, 8-bit colormap, non-interlaced\012- data
Hash 3e2d110dd13ae372eac3c04347687487
666c77091671206a1ee7202bfa821afa63dfed94
4b86aeb9d139835e6517cef965d3442d8efca774abc2d6befc580ec63aace62e
GET /cpro/ui/noexpire/img/2.0.0/native_ad.png HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/png
content-length: 4514
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
etag: "6246a41f-11a2"
cache-control: max-age=315360000
age: 1568236
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Jun 2022 04:49:12 GMT
ohc-cache-hit: cd5ct60 [2], wzix60 [2]
ohc-file-size: 4514
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=3221891901,1445256300&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 58 kB URL HTTP/1.1 t14.baidu.com/it/u=3221891901,1445256300&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 06ca35c4eaa28d916fdb0555690798fa
45d917731d9e7907ca71cd1d8de4c041984ee07e
4fae634ddc2aeceed806b1abe7b044135ef60c7fadae37a11e7ec0163e933d22
GET /it/u=3221891901,1445256300&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 58225
Connection: keep-alive
Expires: Sat, 04 Mar 2023 08:37:39 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 06ca35c4eaa28d916fdb0555690798fa
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 08:37:39 GMT
Ohc-Upstream-Trace: 122.228.213.59; 58.20.204.59
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache59 [4], wzix59 [4]
Ohc-Response-Time: 1 0 0 2 362 363
Ohc-File-Size: 58225
X-Cache-Status: MISS
Timing-Allow-Origin: *
sofire.baidu.com/h5/e/8800
36.110.192.156 200 OK 77 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b0955bbcdd5b182c27a3789e2c8492c
3ab371de1046ea4c2287cce9b80285045953b2a0
a2bab9ecd4d308053dcf1c83fb8f1e7fbe63c398447482ca14d316656ff4471a
POST /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Bdh5-Pf: 1
Origin: http://12832.url.tudown.com
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12832.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Sat, 04 Feb 2023 06:31:17 GMT
content-length: 77
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2882475593,845134162&fm=253&app=120&f=JPEG?w=720&h=1280
182.140.225.35 200 OK 110 kB URL HTTP/1.1 img1.baidu.com/it/u=2882475593,845134162&fm=253&app=120&f=JPEG?w=720&h=1280
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Size 110 kB (109809 bytes)
Hash 35797e693feaab12a3db1a09070aae22
013d7003380f094f9a979f5724e8f2cf798d4b51
3510277d61c3183740a3921d8334b28bf23abcd43b311882eee9ac9ad846e537
GET /it/u=2882475593,845134162&fm=253&app=120&f=JPEG?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 109809
Connection: keep-alive
Expires: Tue, 07 Feb 2023 06:54:01 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 35797e693feaab12a3db1a09070aae22
Age: 80241
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 06:54:01 GMT
Ohc-Cache-HIT: cd5ct61 [4], bdix164 [4]
Ohc-File-Size: 109809
X-Cache-Status: HIT
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-27288922a87ffb5a1db7abd4c3a218f65901abc2&9=0&10=0&11=1445&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&t=1675492311479&r=lo
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-27288922a87ffb5a1db7abd4c3a218f65901abc2&9=0&10=0&11=1445&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&t=1675492311479&r=lo
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-27288922a87ffb5a1db7abd4c3a218f65901abc2&9=0&10=0&11=1445&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12832.url.tudown.com%2Fdown%2F%25E8%25AE%25A9%25E5%25A5%25B9%25E5%2585%25B4%25E5%25A5%258B2%25E4%25B9%258B%25E8%25B0%2583%25E6%2595%2599%25E5%25A5%25B3%25E4%25BB%2586%40271_33312.exe&t=1675492311479&r=lo HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Sat, 04 Feb 2023 06:31:17 GMT
content-length: 0
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3004007615,1461416234&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 31 kB URL HTTP/1.1 t15.baidu.com/it/u=3004007615,1461416234&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fa615271d80126f0608f71026326c6bd
919fe837c586d2f0877fd948ab4e36968ff2e8c6
26e5829f65350e5194d37a85a44692d972ebc52299ba6aa1d24b59f817a89c61
GET /it/u=3004007615,1461416234&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 31209
Connection: keep-alive
Expires: Fri, 24 Feb 2023 17:01:17 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: fa615271d80126f0608f71026326c6bd
Age: 175821
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 17:01:17 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache62 [4], czix99 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31209
X-Cache-Status: HIT
Timing-Allow-Origin: *
12832.url.tudown.com/uploads/images/399501.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/399501.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/399501.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1161912834,2856386775&fm=224&app=112&f=JPEG?w=350&h=350
t15.baidu.com/it/u=75961632,4077116808&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 53 kB URL HTTP/1.1 t15.baidu.com/it/u=75961632,4077116808&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 350cb30279f93dd4819e846b893e4c6d
78abeca42be05faf3a9e5f51c9356d62f0fc852c
c8a74c1990d1188ba4dc3f0fde5175ad7104a86fc21460932d554460c1021c3e
GET /it/u=75961632,4077116808&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 52849
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:37:48 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 350cb30279f93dd4819e846b893e4c6d
Age: 2016193
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:37:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache65 [1], bdix69 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52849
X-Cache-Status: HIT
Timing-Allow-Origin: *
12832.url.tudown.com/uploads/images/658135.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/658135.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/658135.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=813002300,1428737031&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=4174613724,339070530&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 33 kB URL HTTP/1.1 t15.baidu.com/it/u=4174613724,339070530&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2b343ea41adac30d229eab982c0d2d9f
6f18ac4574e1e3804151d7aebd1d44efed12d05f
f09f9b8e602e79f437e96a09e0633422b41da80dd3ea7cbda013ea882893ce2f
GET /it/u=4174613724,339070530&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 33421
Connection: keep-alive
Expires: Sun, 26 Feb 2023 14:36:10 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 2b343ea41adac30d229eab982c0d2d9f
Age: 536414
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 14:36:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache56 [1], suzix184 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33421
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
118.180.40.35 200 OK 4.9 kB URL HTTP/2 img0.baidu.com/it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 12055e83d6901819ac9d4554e2b048da
77c9f80477e49bd4691bdf9a0d48e23a28a5d095
8faebb08f8d214ad6ed825eb189e34ca8a4e39ca8ff78016d0cbe506fa382da4
GET /it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 4926
expires: Sun, 05 Mar 2023 14:21:34 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 12055e83d6901819ac9d4554e2b048da
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 14:21:34 GMT
ohc-cache-hit: lz5ct63 [1], csix63 [2]
ohc-file-size: 4926
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=370767981,3306591017&fm=253&app=120&f=JPEG?w=1280&h=800
182.140.225.35 200 OK 102 kB URL HTTP/1.1 img1.baidu.com/it/u=370767981,3306591017&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 102 kB (102095 bytes)
Hash 36383ca4e66ce8d140a6b1a7ad10d94f
d3271ccb917200cf1bc4834e9e1f91ce253c7d5c
660f6768fbe7593c61d62ef276f4821569f27fea2141e955828c2d06cbe41082
GET /it/u=370767981,3306591017&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 102095
Connection: keep-alive
Expires: Sat, 04 Feb 2023 16:28:02 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 36383ca4e66ce8d140a6b1a7ad10d94f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 16:28:02 GMT
Ohc-Cache-HIT: cd5ct53 [1], suzix222 [4]
Ohc-File-Size: 102095
X-Cache-Status: MISS
t15.baidu.com/it/u=1161912834,2856386775&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 17 kB URL HTTP/1.1 t15.baidu.com/it/u=1161912834,2856386775&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 17396aed711c6f6550c93bd4fa96d9fb
b94bb7302945ada8987634ada5bc0821272c91eb
0de734513c9de0a89fbbc40ff07b171dfc77d6c07d6a21fa8db3e204e5575ef1
GET /it/u=1161912834,2856386775&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 17346
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:19:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 17396aed711c6f6550c93bd4fa96d9fb
Age: 2019439
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 18:19:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache52 [4], csix117 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 17346
X-Cache-Status: HIT
Timing-Allow-Origin: *
wn.pos.baidu.com/adx.php?c=d25pZD03NWE4NmQyMzcwZWU2ODJmAHM9NzVhODZkMjM3MGVlNjgyZgB0PTE2NzU0OTIyNzUAc2U9MQBidT00AHByaWNlPVk5Mzdzd0FKTTBkN2pFcGdXNUlBOGhLM0ZLTlIzX0VhcVdDSUJ3AGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTAyMDU5ODQ5AHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTYAZWlkPTAAY2JpZD1ZOTM3c3dBSk0wZDdqRXBnVzVJQThoSzNGS05SM19FYXFXQ0lCdwBiY2htZD0wAHRtPTAAdj0xAGk9NDk2YjcwNDc
182.61.62.32 200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD03NWE4NmQyMzcwZWU2ODJmAHM9NzVhODZkMjM3MGVlNjgyZgB0PTE2NzU0OTIyNzUAc2U9MQBidT00AHByaWNlPVk5Mzdzd0FKTTBkN2pFcGdXNUlBOGhLM0ZLTlIzX0VhcVdDSUJ3AGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTAyMDU5ODQ5AHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTYAZWlkPTAAY2JpZD1ZOTM3c3dBSk0wZDdqRXBnVzVJQThoSzNGS05SM19FYXFXQ0lCdwBiY2htZD0wAHRtPTAAdj0xAGk9NDk2YjcwNDc
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD03NWE4NmQyMzcwZWU2ODJmAHM9NzVhODZkMjM3MGVlNjgyZgB0PTE2NzU0OTIyNzUAc2U9MQBidT00AHByaWNlPVk5Mzdzd0FKTTBkN2pFcGdXNUlBOGhLM0ZLTlIzX0VhcVdDSUJ3AGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTAyMDU5ODQ5AHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTYAZWlkPTAAY2JpZD1ZOTM3c3dBSk0wZDdqRXBnVzVJQThoSzNGS05SM19FYXFXQ0lCdwBiY2htZD0wAHRtPTAAdj0xAGk9NDk2YjcwNDc HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:31:17 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=EAD162EF2D05BE36DC07B5AECA3DC44A:FG=1; expires=Sun, 04-Feb-24 06:31:17 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
img1.baidu.com/it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
182.140.225.35 200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x753, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 772ab9824614001164e4e36990e945f9
17e9709e370369cc46de80cf424e0637a61fe578
1bb1b4fdeef06338082f310fe31143162ed2aed5d1fc40167109f02ac119773d
GET /it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 30996
expires: Sat, 25 Feb 2023 08:41:43 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 772ab9824614001164e4e36990e945f9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 08:41:43 GMT
ohc-cache-hit: cd5ct84 [1], csix84 [4]
ohc-file-size: 30996
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=813002300,1428737031&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 26 kB URL HTTP/1.1 t15.baidu.com/it/u=813002300,1428737031&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f32a2e3ca876034a4b6075ab085da56c
c030361f0de66949b13bf9fb9384a156c3d953fe
62a50f62b08c9fdc633fed14cc357a97036d68d4eb1ce1380b104d7c4802dc74
GET /it/u=813002300,1428737031&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 26495
Connection: keep-alive
Expires: Sun, 05 Feb 2023 04:48:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f32a2e3ca876034a4b6075ab085da56c
Age: 2018922
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 04:48:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache57 [2], qdix203 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 26495
X-Cache-Status: HIT
Timing-Allow-Origin: *
12832.url.tudown.com/uploads/images/99087.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/99087.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/99087.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1256258399,1542296638&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
12832.url.tudown.com/uploads/images/697833.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/697833.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/697833.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=541708025,2344879695&fm=253&app=120&f=JPEG?w=1280&h=800
12832.url.tudown.com/uploads/images/250564.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/250564.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/250564.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=237496493,2535803883&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=800
12832.url.tudown.com/uploads/images/422767.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/422767.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/422767.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1929106502,2082186796&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=1929106502,2082186796&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 72 kB URL HTTP/1.1 t15.baidu.com/it/u=1929106502,2082186796&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f7c88a70b8ac93dca94f32a88baf6837
6964a0d7d2da8a7466c28ed66f7db4c8a7581a12
d30a0147209856db3d2e0d74296310ef703b7c0ba675f9784c390d20fc33ac24
GET /it/u=1929106502,2082186796&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 71725
Connection: keep-alive
Expires: Thu, 16 Feb 2023 03:31:48 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f7c88a70b8ac93dca94f32a88baf6837
Age: 1562188
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 03:31:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache52 [1], qdix153 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 71725
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084
182.140.225.35 200 OK 65 kB URL HTTP/2 img1.baidu.com/it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1084, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed522e4d49dbacc619ac8541ee8ade8e
f4a685c86d599c2cadfd67ed47c24aa36fffc45a
459b3fa719ebea3ac367e5a45e7f0c255990ef8622c0531e7ae42dec174e3031
GET /it/u=1268906902,778031885&fm=253&fmt=auto&app=138&f=JPG?w=500&h=1084 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 65404
expires: Thu, 02 Mar 2023 09:35:30 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ed522e4d49dbacc619ac8541ee8ade8e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 09:35:30 GMT
ohc-cache-hit: cd5ct80 [1], xiangyix80 [2]
ohc-file-size: 65404
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3163285871,2888724380&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 184 kB URL HTTP/1.1 img0.baidu.com/it/u=3163285871,2888724380&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 184 kB (184059 bytes)
Hash c5e6b7fba7fdef0c301722b270081db2
0d452e4d470e29a4ad393f18ae3471c9d46c0cf4
03a0918c55cd4017049f3dbb28c182621353ddcb75fea977ff5788d0861c308a
GET /it/u=3163285871,2888724380&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:16 GMT
Content-Type: image/jpeg
Content-Length: 184059
Connection: keep-alive
Expires: Sun, 05 Feb 2023 07:14:13 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: c5e6b7fba7fdef0c301722b270081db2
Age: 354188
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 07:14:13 GMT
Ohc-Cache-HIT: ntct53 [4], czix175 [4]
Ohc-File-Size: 184059
X-Cache-Status: HIT
wn.pos.baidu.com/adx.php?c=d25pZD03YmVjZmM2YTQxYTJiYTdiAHM9N2JlY2ZjNmE0MWEyYmE3YgB0PTE2NzU0OTIyNzUAc2U9MQBidT00AHByaWNlPVk5Mzdzd0FKSkYxN2pFcGdXNUlBOHNCdjlNX2F3VHpjYXFZUGpRAGNoYXJnZV9wcmljZT0yMgBzaGFyaW5nX3ByaWNlPTIyMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xMDIwNTk4NDkAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk5Mzdzd0FKSkYxN2pFcGdXNUlBOHNCdjlNX2F3VHpjYXFZUGpRAGJjaG1kPTAAdG09MAB2PTEAaT0wODI2ZmMyNw
182.61.62.32 200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD03YmVjZmM2YTQxYTJiYTdiAHM9N2JlY2ZjNmE0MWEyYmE3YgB0PTE2NzU0OTIyNzUAc2U9MQBidT00AHByaWNlPVk5Mzdzd0FKSkYxN2pFcGdXNUlBOHNCdjlNX2F3VHpjYXFZUGpRAGNoYXJnZV9wcmljZT0yMgBzaGFyaW5nX3ByaWNlPTIyMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xMDIwNTk4NDkAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk5Mzdzd0FKSkYxN2pFcGdXNUlBOHNCdjlNX2F3VHpjYXFZUGpRAGJjaG1kPTAAdG09MAB2PTEAaT0wODI2ZmMyNw
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD03YmVjZmM2YTQxYTJiYTdiAHM9N2JlY2ZjNmE0MWEyYmE3YgB0PTE2NzU0OTIyNzUAc2U9MQBidT00AHByaWNlPVk5Mzdzd0FKSkYxN2pFcGdXNUlBOHNCdjlNX2F3VHpjYXFZUGpRAGNoYXJnZV9wcmljZT0yMgBzaGFyaW5nX3ByaWNlPTIyMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xMDIwNTk4NDkAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk5Mzdzd0FKSkYxN2pFcGdXNUlBOHNCdjlNX2F3VHpjYXFZUGpRAGJjaG1kPTAAdG09MAB2PTEAaT0wODI2ZmMyNw HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:31:17 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=EAD162EF2D05BE36ED3A7AF4826F6E97:FG=1; expires=Sun, 04-Feb-24 06:31:17 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
img1.baidu.com/it/u=2280320549,3086157439&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=281
182.140.225.35 200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=2280320549,3086157439&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=281
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 499x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 20395f3052e5af2eb354ae5f22e9a089
9e916a1a94a8a1799001c3df9a7a6dd549ea4944
08ce8ac8d7b9bf909d13afa083b59d3f2540076ad4d0268c98bd60d4249f6a96
GET /it/u=2280320549,3086157439&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=281 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 20514
expires: Thu, 23 Feb 2023 12:48:28 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 20395f3052e5af2eb354ae5f22e9a089
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 12:48:28 GMT
ohc-cache-hit: cd5ct69 [1], suzix102 [4]
ohc-file-size: 20514
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3656983722,4047756460&fm=253&fmt=auto?w=1280&h=800
182.140.225.35 200 OK 98 kB URL HTTP/2 img1.baidu.com/it/u=3656983722,4047756460&fm=253&fmt=auto?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash beda3d8c6843102a386409c42b05a770
2ebad1ea1d039a55306a7beef16e7509cc90c56f
37cb66c21c33c4b1aac907dfac90469aed7fac58aa2269df64a142fcdf05909c
GET /it/u=3656983722,4047756460&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 98172
expires: Thu, 02 Mar 2023 19:27:42 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: beda3d8c6843102a386409c42b05a770
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 19:27:42 GMT
ohc-cache-hit: cd5ct72 [1], csix72 [2]
ohc-file-size: 98172
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4022668850,1745216210&fm=253&fmt=auto?w=1280&h=800
182.140.225.35 200 OK 126 kB URL HTTP/1.1 img1.baidu.com/it/u=4022668850,1745216210&fm=253&fmt=auto?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 126 kB (125524 bytes)
Hash 1196198161dc8da258cbe000704886fc
42c39932a41299e3caa8646694a81929a130e6b2
e0fa30be86eae1254489e0b7bf056268fd47d1eb3657b5849e6498e5a6fec4e1
GET /it/u=4022668850,1745216210&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/webp
Content-Length: 125524
Connection: keep-alive
Expires: Wed, 22 Feb 2023 02:43:49 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1196198161dc8da258cbe000704886fc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 02:43:49 GMT
Ohc-Cache-HIT: cd5ct52 [1], qdix105 [2]
Ohc-File-Size: 125524
X-Cache-Status: MISS
12832.url.tudown.com/uploads/images/842618.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/842618.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842618.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3264976075,114542755&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12832.url.tudown.com/uploads/images/450884.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/450884.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/450884.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
img0.baidu.com/it/u=237496493,2535803883&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=800
118.180.40.35 200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=237496493,2535803883&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=800
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3fd50f939249ef7595094f34a221d5ec
e8d6425ad852529ec555ff7e189251e39547b0aa
157eacfd1995af8f1a99ecbab21581f12443851e9a21da487352173950ffa030
GET /it/u=237496493,2535803883&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 35964
expires: Tue, 21 Feb 2023 05:36:38 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 3fd50f939249ef7595094f34a221d5ec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:36:38 GMT
ohc-cache-hit: lz5ct63 [1], wzix63 [2]
ohc-file-size: 35964
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1970894975,957836162&fm=253&fmt=auto?w=1280&h=800
182.140.225.35 200 OK 70 kB URL HTTP/2 img1.baidu.com/it/u=1970894975,957836162&fm=253&fmt=auto?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c2a8516016752dbc7d931152e9808894
64e0fd5a106baf42229f779fc7d096e8efd8e14a
2a8b82537d6ec723a8c1d7fd0b9930e49d664a61d2471bc6e45eaeb54e069014
GET /it/u=1970894975,957836162&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 69952
expires: Fri, 24 Feb 2023 10:01:42 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c2a8516016752dbc7d931152e9808894
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 10:01:42 GMT
ohc-cache-hit: cd5ct75 [1], xiangyix174 [4]
ohc-file-size: 69952
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2565247011,4162103496&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 10 kB URL HTTP/2 img1.baidu.com/it/u=2565247011,4162103496&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e301a3d29b6aae44564c6e364c62b5a
0d9bcd6a01c9f2a22c04b08ad81bce4c6ee5804a
90c30f81f3cb170896aa309ed78db611e6f9810fb79d31e5c515b7dd57a3b177
GET /it/u=2565247011,4162103496&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 10364
expires: Sun, 19 Feb 2023 15:31:34 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6e301a3d29b6aae44564c6e364c62b5a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 15:31:34 GMT
ohc-cache-hit: cd5ct52 [1], czix52 [4]
ohc-file-size: 10364
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=541708025,2344879695&fm=253&app=120&f=JPEG?w=1280&h=800
182.140.225.35 200 OK 80 kB URL HTTP/1.1 img1.baidu.com/it/u=541708025,2344879695&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 622a0ebecb2c239af5f8e9d60cd7fb05
338fa54b2211f70fedc666dfdc555f2854bb66f1
215047588bad13302a1e7a74fad6a37eb56c07ce05ceebd7ff4cc6733c040726
GET /it/u=541708025,2344879695&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpeg
Content-Length: 79704
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:03:00 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 622a0ebecb2c239af5f8e9d60cd7fb05
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 00:03:00 GMT
Ohc-Cache-HIT: cd5ct62 [1], bdix150 [4]
Ohc-File-Size: 79704
X-Cache-Status: MISS
img1.baidu.com/it/u=1132929413,3851671781&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
182.140.225.35 200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=1132929413,3851671781&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 90c850573c9a7d07e31ab28a05b339e3
109fb82aa76c162546d9877232d650edf8098f03
c3b2741e5bbaac068b125e1d4ca37fa50ee7064d66448fb75f3d3fb66ce64b1a
GET /it/u=1132929413,3851671781&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 21936
expires: Wed, 22 Feb 2023 03:27:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 90c850573c9a7d07e31ab28a05b339e3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:27:34 GMT
ohc-cache-hit: cd5ct69 [1], qdix117 [4]
ohc-file-size: 21936
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/943588.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/943588.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/943588.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
12832.url.tudown.com/uploads/images/418344.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/418344.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/418344.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1376024945,3243922859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/160067.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/160067.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/160067.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4247393896,3100653859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
bdsearch.2345.com/auto_ds?tyz=v&gjj=vw02rwzz2&ugk=hih-&gifk=w&ckl=bnnjWx4Ww9Ww9vw2xwWUolfWUno_iqhWUZigWw9_iqhWw9Wwz82Wwz48Wwz43Wwz8zWwz4zWwz53Wwz8zWwz2zWwz5yWwz8zWwz4zWwz25wWwz8yWwz53Wwz25Wwz82Wwz5uWwz2xWwz80Wwz3zWwz33Wwz8zWwz4zWwz5xWwz8yWwz55Wwz20Wyuw1vUxxxvwWU-r-&uij=v&kgi=v01zy3wxu3uvx&riz=w&gj=uru&uiz=u&uz=u&rr=v&utz=Vv&vel=-hZi_cha&twm=u&umz=uWUu&uzj=u<=vw2urvuuw&rek=u&llzu=zzZ3y0X1XwXx-._z&in=3x3&tvt=ON9V2&uts=UUUYXc_oUohcihUZXffYXZe&gzj=VvrVv&kz=W80W28W26W82W2vW24W8zW59W45W8yW52W23(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33Ww9W80W23W25W80W36W54W80W36W2uW80W30W5uW81W23W22W8yW52W25W82W57W57&kcd=v01zy3wxu3&ttv=nlo-&ukd=4ONIUDMIHJ&vogj=vvuuvv>j=vw02r3x3&ut=y&uwk=u&ji=vw2urvuwy&tgc=u&mvi=uvw3&vtu=v&usm=u&kte=v01zy3wxu3&urz=u&gjz=y2YX20_Xx2Z1X11w
42.81.8.129 200 OK 78 B URL HTTP/2 bdsearch.2345.com/auto_ds?tyz=v&gjj=vw02rwzz2&ugk=hih-&gifk=w&ckl=bnnjWx4Ww9Ww9vw2xwWUolfWUno_iqhWUZigWw9_iqhWw9Wwz82Wwz48Wwz43Wwz8zWwz4zWwz53Wwz8zWwz2zWwz5yWwz8zWwz4zWwz25wWwz8yWwz53Wwz25Wwz82Wwz5uWwz2xWwz80Wwz3zWwz33Wwz8zWwz4zWwz5xWwz8yWwz55Wwz20Wyuw1vUxxxvwWU-r-&uij=v&kgi=v01zy3wxu3uvx&riz=w&gj=uru&uiz=u&uz=u&rr=v&utz=Vv&vel=-hZi_cha&twm=u&umz=uWUu&uzj=u<=vw2urvuuw&rek=u&llzu=zzZ3y0X1XwXx-._z&in=3x3&tvt=ON9V2&uts=UUUYXc_oUohcihUZXffYXZe&gzj=VvrVv&kz=W80W28W26W82W2vW24W8zW59W45W8yW52W23(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33Ww9W80W23W25W80W36W54W80W36W2uW80W30W5uW81W23W22W8yW52W25W82W57W57&kcd=v01zy3wxu3&ttv=nlo-&ukd=4ONIUDMIHJ&vogj=vvuuvv>j=vw02r3x3&ut=y&uwk=u&ji=vw2urvuwy&tgc=u&mvi=uvw3&vtu=v&usm=u&kte=v01zy3wxu3&urz=u&gjz=y2YX20_Xx2Z1X11w
IP 42.81.8.129:0
File type ASCII text, with no line terminators
Hash b77b23f702f4c4a80b6267a4b2057a55
991b4b67f69f7c5d620567c16ee9d13bf81cb5b6
e55c025e38e5b5d21936db52a31ed42bef83131ab23f1be8f7319a98b45c996f
GET /auto_ds?tyz=v&gjj=vw02rwzz2&ugk=hih-&gifk=w&ckl=bnnjWx4Ww9Ww9vw2xwWUolfWUno_iqhWUZigWw9_iqhWw9Wwz82Wwz48Wwz43Wwz8zWwz4zWwz53Wwz8zWwz2zWwz5yWwz8zWwz4zWwz25wWwz8yWwz53Wwz25Wwz82Wwz5uWwz2xWwz80Wwz3zWwz33Wwz8zWwz4zWwz5xWwz8yWwz55Wwz20Wyuw1vUxxxvwWU-r-&uij=v&kgi=v01zy3wxu3uvx&riz=w&gj=uru&uiz=u&uz=u&rr=v&utz=Vv&vel=-hZi_cha&twm=u&umz=uWUu&uzj=u<=vw2urvuuw&rek=u&llzu=zzZ3y0X1XwXx-._z&in=3x3&tvt=ON9V2&uts=UUUYXc_oUohcihUZXffYXZe&gzj=VvrVv&kz=W80W28W26W82W2vW24W8zW59W45W8yW52W23(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33Ww9W80W23W25W80W36W54W80W36W2uW80W30W5uW81W23W22W8yW52W25W82W57W57&kcd=v01zy3wxu3&ttv=nlo-&ukd=4ONIUDMIHJ&vogj=vvuuvv>j=vw02r3x3&ut=y&uwk=u&ji=vw2urvuwy&tgc=u&mvi=uvw3&vtu=v&usm=u&kte=v01zy3wxu3&urz=u&gjz=y2YX20_Xx2Z1X11w HTTP/1.1
Host: bdsearch.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: application/javascript;charset=UTF-8
date: Sat, 04 Feb 2023 06:31:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 14:31:17 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: yunjiasu
x-xss-protection: 0
yjs-id: c2022e193f8137e3-143
content-length: 78
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1256258399,1542296638&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
182.140.225.35 200 OK 68 kB URL HTTP/2 img1.baidu.com/it/u=1256258399,1542296638&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 317b40c81455242ccb6a885a876cc816
eb788314e92bd86212516c22aff997d7e5467a97
72826d14b9c58ab94b7751d8e306a8bd96c223dfa3e51128d015f4511de21dc8
GET /it/u=1256258399,1542296638&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:17 GMT
content-type: image/webp
content-length: 68058
expires: Sat, 18 Feb 2023 10:27:37 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 317b40c81455242ccb6a885a876cc816
age: 13125
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 10:27:37 GMT
ohc-cache-hit: cd5ct81 [4], suzix145 [4]
ohc-file-size: 68058
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/196225.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/196225.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/196225.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1245985798,1806012075&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=1245985798,1806012075&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 77 kB URL HTTP/1.1 t13.baidu.com/it/u=1245985798,1806012075&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 250f1e8a8b077682b0996f7c253045dd
4d41c1ddb3392e8704fdbb4865287bc8753a022b
67e932a1458a0aaeafcea7dcd2f2f59c5e9ffc75c0218ab864aff9900b84632e
GET /it/u=1245985798,1806012075&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 77018
Connection: keep-alive
Expires: Sun, 26 Feb 2023 21:00:27 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 250f1e8a8b077682b0996f7c253045dd
Age: 536020
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 21:00:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache50 [4], suzix184 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 77018
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3264976075,114542755&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
182.140.225.35 200 OK 50 kB URL HTTP/2 img1.baidu.com/it/u=3264976075,114542755&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b052759a95c894fe93caa2780cd56b3d
9784bca8fe1061c7ea5443bae52f01ce56a23821
42cb261bdcc8f8344c09a6dba8b2200910adba0b4200a1cd69c8aa7efdbdd0ce
GET /it/u=3264976075,114542755&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 50134
expires: Sat, 04 Mar 2023 16:35:53 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b052759a95c894fe93caa2780cd56b3d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 16:35:53 GMT
ohc-cache-hit: cd5ct50 [1], csix108 [4]
ohc-file-size: 50134
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1376024945,3243922859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.180.40.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=1376024945,3243922859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd564d23f1a5b16ab55a8e7ed7f6e770
b1f62eed56b1e81b37fac4afa1699d6d50b5636b
87b6f73d0c04be968d4f4d90fa93f246c93e3cecd2f5f7c96acdf0e01a67c389
GET /it/u=1376024945,3243922859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 16078
expires: Wed, 22 Feb 2023 03:47:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: dd564d23f1a5b16ab55a8e7ed7f6e770
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:47:15 GMT
ohc-cache-hit: lz5ct69 [1], suzix69 [4]
ohc-file-size: 16078
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
118.180.40.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 255f9deccf59b81cb123d6b6ff32ec0b
d8211788ed755d4f25d0794a650c53fc904e132f
3f510906a37dfa9a14a23e77fd76ff2714b447d4c0324384b522bb600dc80a67
GET /it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 18362
expires: Sat, 04 Mar 2023 07:55:11 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 255f9deccf59b81cb123d6b6ff32ec0b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 07:55:11 GMT
ohc-cache-hit: lz5ct65 [1], csix111 [4]
ohc-file-size: 18362
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4247393896,3100653859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
118.180.40.35 200 OK 37 kB URL HTTP/2 img2.baidu.com/it/u=4247393896,3100653859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x753, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85f218aba2c5d5292a5de718cade72f5
e274037d3c2970bd3beee7088fbdf57e3ca32423
f84cec196983472c1f1902bd396885f4c6be36f9ef9c00c7bd54eb941943d8cb
GET /it/u=4247393896,3100653859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 37338
expires: Mon, 06 Feb 2023 18:11:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 85f218aba2c5d5292a5de718cade72f5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 18:11:05 GMT
ohc-cache-hit: lz5ct76 [1], qdix221 [4]
ohc-file-size: 37338
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/594474.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/594474.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/594474.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500
12832.url.tudown.com/uploads/images/386189.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/386189.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/386189.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=137162764,3170869193&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/152639.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/152639.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/152639.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1109849099,4255714048&fm=224&app=112&f=JPEG?w=381&h=499
12832.url.tudown.com/uploads/images/355020.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/355020.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/355020.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800
12832.url.tudown.com/uploads/images/472363.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/472363.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/472363.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1169884070,783163857&fm=253&fmt=auto&app=138&f=GIF?w=360&h=640
img1.baidu.com/it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
182.140.225.35 200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a798b8e0fc46b6ae1f8b31b325bbfaa8
99d8cdd714df5494c2d61556bbde06830bcf92e6
b46ee7108b759f3ae7409bd520a26b1cee05fc82526369a0531ecb90f17926bf
GET /it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 24142
expires: Mon, 20 Feb 2023 19:33:18 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a798b8e0fc46b6ae1f8b31b325bbfaa8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 19:33:18 GMT
ohc-cache-hit: cd5ct50 [1], czix160 [4]
ohc-file-size: 24142
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=137162764,3170869193&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 68 kB URL HTTP/1.1 t14.baidu.com/it/u=137162764,3170869193&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 164e7857de9964cfddd9eb48062d1cae
cfd14d7799530db57b772508b7332f43695e0875
eaa0bca434563f0fa4b3a5e2a2dd423611408e3bb93b85b0914be8fa8b079fef
GET /it/u=137162764,3170869193&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 67519
Connection: keep-alive
Expires: Thu, 09 Feb 2023 04:20:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 164e7857de9964cfddd9eb48062d1cae
Age: 2016709
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 04:20:37 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache65 [1], suzix232 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 67519
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1109849099,4255714048&fm=224&app=112&f=JPEG?w=381&h=499
185.10.104.124 200 OK 46 kB URL HTTP/1.1 t14.baidu.com/it/u=1109849099,4255714048&fm=224&app=112&f=JPEG?w=381&h=499
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 381x499, components 3\012- data
Hash bdc6a5dce2f05ace70d90da6969cb846
db062e1f4cccbd406389a84c122ba36b9e949535
f43792dd4369fe2d5af8076a384147186b62f53eae2b1e486f4db1db1f186732
GET /it/u=1109849099,4255714048&fm=224&app=112&f=JPEG?w=381&h=499 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 46111
Connection: keep-alive
Expires: Tue, 14 Feb 2023 02:58:43 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: bdc6a5dce2f05ace70d90da6969cb846
Age: 347759
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 02:58:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache54 [1], xiangyix191 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46111
X-Cache-Status: HIT
Timing-Allow-Origin: *
12832.url.tudown.com/uploads/images/618864.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/618864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/618864.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=757324807,1445101744&fm=224&app=112&f=JPEG?w=500&h=500
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 06:31:18 GMT
Last-Modified: Fri, 03 Feb 2023 15:48:37 GMT
ETag: "63dd2cd5-1d7"
Expires: Sun, 05 Feb 2023 15:48:37 GMT
Cache-Control: max-age=119839
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675492278
Via: cache21.l2de2[4,3,200-0,M], cache21.l2de2[6,0], cache4.se1[28,28,200-0,M], cache4.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816754922783813364e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 06:31:18 GMT
Last-Modified: Fri, 03 Feb 2023 15:48:37 GMT
ETag: "63dd2cd5-1d7"
Expires: Sun, 05 Feb 2023 15:48:37 GMT
Cache-Control: max-age=119839
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675492278
Via: cache4.l2de2[47,47,200-0,M], cache4.l2de2[49,0], cache8.se1[71,70,200-0,M], cache8.se1[72,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16754922783592377e
t14.baidu.com/it/u=757324807,1445101744&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 35 kB URL HTTP/1.1 t14.baidu.com/it/u=757324807,1445101744&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fa268df4fb35d6972b88317777c4633b
84c27f6b478aa657f301991dccb7c299d0f7b1f3
dcf9a14d0e0a051dfc415103a2c79c90c14d807343394c5f4b852db03388e893
GET /it/u=757324807,1445101744&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 34895
Connection: keep-alive
Expires: Tue, 28 Feb 2023 11:32:44 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: fa268df4fb35d6972b88317777c4633b
Age: 364096
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 11:32:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache52 [1], qdix189 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34895
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 06:31:18 GMT
Last-Modified: Fri, 03 Feb 2023 15:48:37 GMT
ETag: "63dd2cd5-1d7"
Expires: Sun, 05 Feb 2023 15:48:37 GMT
Cache-Control: max-age=119839
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675492278
Via: cache3.l2de2[48,48,200-0,M], cache3.l2de2[49,0], cache7.se1[71,70,200-0,M], cache7.se1[72,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16754922783806100e
img2.baidu.com/it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500
119.96.52.35 200 OK 66 kB URL HTTP/1.1 img2.baidu.com/it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash bde4e9459c14d9722389b1540490579c
5078f6cd2fb395dace777c0e27dfd56ec1e8eed0
0d6619256155968834d70bdc486fdec7aacb274da23296f3245cc7251720fadd
GET /it/u=1222845442,2152768232&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 66169
Connection: keep-alive
Expires: Thu, 23 Feb 2023 10:57:48 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bde4e9459c14d9722389b1540490579c
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 10:57:48 GMT
Ohc-Cache-HIT: wh4ct60 [1], wzix77 [4]
Ohc-File-Size: 66169
X-Cache-Status: MISS
img0.baidu.com/it/u=1169884070,783163857&fm=253&fmt=auto&app=138&f=GIF?w=360&h=640
118.180.40.35 200 OK 153 kB URL HTTP/2 img0.baidu.com/it/u=1169884070,783163857&fm=253&fmt=auto&app=138&f=GIF?w=360&h=640
IP 118.180.40.35:0
File type GIF image data, version 89a, 360 x 640\012- data
Size 153 kB (152819 bytes)
Hash e82f63a0979c1bd3a0595f02d45cd8b4
3fe83429b969e41bf82b24575364969ba26de7a1
2ea467cc7f5d6b124bf8942f5c57f2ae43f949799514797c2357b0a4fea1e91c
GET /it/u=1169884070,783163857&fm=253&fmt=auto&app=138&f=GIF?w=360&h=640 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/gif
content-length: 152819
expires: Sun, 26 Feb 2023 07:16:30 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e82f63a0979c1bd3a0595f02d45cd8b4
age: 172066
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 07:16:30 GMT
ohc-cache-hit: lz5ct61 [4], xiangyix175 [4]
ohc-file-size: 152819
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/95236.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/95236.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/95236.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2788187379,2877494816&fm=224&app=112&f=JPEG?w=500&h=500
lupic.cdn.bcebos.com/20210629/207856_14.jpg
183.60.219.35 200 OK 25 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/207856_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash d8c60d5b7a57707df8b3f4fa9326372b
e9e1df240c791deaf2663089664fbed458843da7
fa5a46c5297344f2f174556e2bdab86262395a2ba2fcabc680b4613bf9147560
GET /20210629/207856_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 24927
expires: Sun, 05 Feb 2023 05:29:33 GMT
last-modified: Thu, 01 Jul 2021 20:58:23 GMT
etag: "d8c60d5b7a57707df8b3f4fa9326372b"
age: 176492
accept-ranges: bytes
content-md5: 2MYNW3pXcH34s/T6kyY3Kw==
x-bce-content-crc32: 0
x-bce-debug-id: 5+qyV3M9g3QAMEzR9JzDYfRiIMYqYuwoRZ0QMCcoK8Y6VNfU79Kw4QcFi0M4YT8FTmDeB+aZ9Ks8dcgxr1imQg==
x-bce-request-id: e313dc58-793d-4c7e-b126-ca0ff754760a
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 05:29:33 GMT
ohc-cache-hit: fs3ct57 [4], xaix189 [2]
ohc-file-size: 24927
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/265271.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/265271.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/265271.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1396723519,2116952154&fm=253&app=120&f=JPEG?w=1280&h=800
12832.url.tudown.com/uploads/images/865675.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/865675.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/865675.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4137681254,2040217381&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 06:31:18 GMT
Last-Modified: Fri, 03 Feb 2023 15:48:37 GMT
ETag: "63dd2cd5-1d7"
Expires: Sun, 05 Feb 2023 15:48:37 GMT
Cache-Control: max-age=119839
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675492278
Via: cache19.l2de2[313,313,200-0,M], cache19.l2de2[314,0], cache7.se1[334,334,200-0,M], cache7.se1[335,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 06:31:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16754922783846102e
12832.url.tudown.com/uploads/images/135458.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/135458.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/135458.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=908219215,39289519&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12832.url.tudown.com/uploads/images/537749.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/537749.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/537749.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3001627347,2749052070&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737
t15.baidu.com/it/u=2788187379,2877494816&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 60 kB URL HTTP/1.1 t15.baidu.com/it/u=2788187379,2877494816&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c4696c484c0772e4a3c1178011a822eb
6cac2c4804d4048a8cf22c6a69ebf34ee447b8df
82ae01555aa85dbda643f8d45d3fe6249f7b477f0c0f57eeabdb8cbc6a54e314
GET /it/u=2788187379,2877494816&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 59612
Connection: keep-alive
Expires: Tue, 07 Feb 2023 22:54:23 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c4696c484c0772e4a3c1178011a822eb
Age: 2021033
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 22:54:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache62 [4], qdix68 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59612
X-Cache-Status: HIT
Timing-Allow-Origin: *
12832.url.tudown.com/uploads/images/490980.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/490980.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/490980.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4088854852,22443918&fm=253&fmt=auto&app=120&f=JPEG?w=720&h=1280
img0.baidu.com/it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 129 kB URL HTTP/1.1 img0.baidu.com/it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 129 kB (129085 bytes)
Hash df3f5fad30f12732596976151f306c7f
fc84c584e0fafa162221f02339888d3821506149
cf04391f5e163715982d67b3a8757a4deb792c3c1b304aa9123fd0f666a24830
GET /it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 129085
Connection: keep-alive
Expires: Sat, 18 Feb 2023 02:34:10 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: df3f5fad30f12732596976151f306c7f
Age: 353183
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 02:34:10 GMT
Ohc-Cache-HIT: ntct52 [4], bdix119 [2]
Ohc-File-Size: 129085
X-Cache-Status: HIT
img2.baidu.com/it/u=4137681254,2040217381&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
118.180.40.35 200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=4137681254,2040217381&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 07abf5f87da1f3cb458b4c337dfb9b31
1e4d0b77d6c8b7aae64b792e29918004dda152b8
db468ef46b7be31ad1d96968db693ad4a8db884aae9a7d4ad6d527067708a420
GET /it/u=4137681254,2040217381&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 17062
expires: Thu, 16 Feb 2023 00:29:24 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 07abf5f87da1f3cb458b4c337dfb9b31
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 00:29:24 GMT
ohc-cache-hit: lz5ct79 [1], csix90 [2]
ohc-file-size: 17062
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/182995.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/182995.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/182995.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=61696334,2398799334&fm=253&fmt=auto&app=138&f=JPEG?w=347&h=500
12832.url.tudown.com/uploads/images/840335.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/840335.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/840335.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743
12832.url.tudown.com/uploads/images/134554.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/134554.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/134554.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2042546953,3042878300&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300
12832.url.tudown.com/uploads/images/876327.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/876327.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/876327.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1336896760,2293914509&fm=253&fmt=auto?w=1280&h=800
12832.url.tudown.com/uploads/images/260673.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/260673.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/260673.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
12832.url.tudown.com/uploads/images/472086.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/472086.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/472086.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3442397391,4272240420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img1.baidu.com/it/u=4088854852,22443918&fm=253&fmt=auto&app=120&f=JPEG?w=720&h=1280
182.140.225.35 200 OK 71 kB URL HTTP/2 img1.baidu.com/it/u=4088854852,22443918&fm=253&fmt=auto&app=120&f=JPEG?w=720&h=1280
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75baca233ebece273773bdab0b25a026
f67830156193ac8cf3e64b06ee09f100a2791e82
75704898d85a97283d9d8058dc8440f9a9009f282a9e0793576017000794ae51
GET /it/u=4088854852,22443918&fm=253&fmt=auto&app=120&f=JPEG?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/webp
content-length: 71302
expires: Sat, 18 Feb 2023 07:27:12 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 75baca233ebece273773bdab0b25a026
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 07:27:12 GMT
ohc-cache-hit: cd5ct70 [1], qdix167 [4]
ohc-file-size: 71302
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1396723519,2116952154&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 121 kB URL HTTP/1.1 img0.baidu.com/it/u=1396723519,2116952154&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 121 kB (121336 bytes)
Hash 1319769cd8b7cdfe4509287985584899
11d6a3b81f610f90d859cbb9c067e1d04acb0e5f
2729e2ba61587bb5f03274360cce21b2efd75c835929332f452f60e9598e829f
GET /it/u=1396723519,2116952154&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:18 GMT
Content-Type: image/jpeg
Content-Length: 121336
Connection: keep-alive
Expires: Thu, 23 Feb 2023 11:14:05 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 1319769cd8b7cdfe4509287985584899
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 11:14:05 GMT
Ohc-Cache-HIT: ntct54 [1], suzix164 [4]
Ohc-File-Size: 121336
X-Cache-Status: MISS
lupic.cdn.bcebos.com/20210629/14377205_14.jpg
183.60.219.35 200 OK 54 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/14377205_14.jpg
IP 183.60.219.35:0
File type PNG image data, 279 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash 2c3739d1eef167f1b3127c498e4194b4
374782a40b239ebbabbffbf04fd0441a4654cd3c
d4390bbbdebf8944aac67dbbce127473f45aac569d6b21b25a4f76013c3ea6b3
GET /20210629/14377205_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/png
content-length: 54006
expires: Sun, 05 Feb 2023 08:19:18 GMT
last-modified: Fri, 02 Jul 2021 07:46:20 GMT
etag: "2c3739d1eef167f1b3127c498e4194b4"
age: 103688
accept-ranges: bytes
content-md5: LDc50e7xZ/GzEnxJjkGUtA==
x-bce-content-crc32: 0
x-bce-debug-id: gR/JmmukFmOiM/2C5Ea6K1Y/cvZ+djWsnvZmdAUdZzX9iva+0f9xtja+fl+t96x0XNYvjH9yO4WYM53waIXzWA==
x-bce-request-id: 13fc33a2-27ca-4af5-ba54-b781ef72a525
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 08:19:18 GMT
ohc-cache-hit: fs3ct59 [4], czix204 [2]
ohc-file-size: 54006
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/2001925979_14.jpg
183.60.219.35 200 OK 30 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2001925979_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 70fbe2e23c41241c720aff857a395bfe
cafe184bc5f09cbe2e5ff8f4a8569465b59ab511
61c73b88d0eeb8463652202f2d3be77a2b2ca50d496dc5c41e3480afa1a9b3c3
GET /20210629/2001925979_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 29666
expires: Sun, 05 Feb 2023 10:17:24 GMT
last-modified: Wed, 30 Jun 2021 07:18:27 GMT
etag: "70fbe2e23c41241c720aff857a395bfe"
age: 159205
accept-ranges: bytes
content-md5: cPvi4jxBJBxyCv+Fejlb/g==
x-bce-content-crc32: 0
x-bce-debug-id: jneg+Ch5ipj31R6J95cSUWEiq8E595xnjUuqH9dEdA/5BHBDINzTCP/4RVi3NoLoIRL9NXncxGYfPa34gCG7nQ==
x-bce-request-id: 1bf86634-f3c0-44d0-ba20-354d6b3db074
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 10:17:24 GMT
ohc-cache-hit: fs3ct54 [2], czix186 [2]
ohc-file-size: 29666
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/45865201_14.jpg
183.60.219.35 200 OK 13 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/45865201_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash cfdabc96da169c903506718d201e1123
442ffa38dba0c1b0a17f4a7d49278800a6a3b001
36e3d52d414e16fa0bbe478f4aa5f50fd7d9f68723534d8b36639acd7ace66a7
GET /20210629/45865201_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 13297
expires: Sat, 04 Feb 2023 10:48:10 GMT
last-modified: Thu, 01 Jul 2021 22:02:07 GMT
etag: "cfdabc96da169c903506718d201e1123"
age: 243400
accept-ranges: bytes
content-md5: z9q8ltoWnJA1BnGNIB4RIw==
x-bce-content-crc32: 0
x-bce-debug-id: vBixto2sP5pK1XAylW6KyTfUhf+dZgHE6KUznVn2Y3ort3bnET1YWz/uZK0fbSZJmUDf/bdC39PD/4/fE2FL3g==
x-bce-request-id: 6643daf0-8588-4289-ad24-fd31e08745bb
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 10:48:10 GMT
ohc-cache-hit: fs3ct50 [4], xiangyix110 [2]
ohc-file-size: 13297
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=908219215,39289519&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
118.180.40.35 200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=908219215,39289519&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7461cb3dead2b153e2a8f68d4b4b8af1
1ee7a08f3c46892afd586bd1d6138881d8032c32
47cda34ed8591d759f676e6805d1741b15a48764c69128db8b7b5e7df430343d
GET /it/u=908219215,39289519&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 17394
expires: Tue, 21 Feb 2023 02:04:27 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 7461cb3dead2b153e2a8f68d4b4b8af1
age: 85528
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:04:27 GMT
ohc-cache-hit: lz5ct61 [4], xaix209 [4]
ohc-file-size: 17394
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3001627347,2749052070&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737
118.180.40.35 200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=3001627347,2749052070&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x737, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae18ed76af6f02e623fd95c897db76be
09f7c96dc12e1e30fc2c964583446e2271b9a29c
aba23de48b43c3171c73ac6dc51ea69286f357749a4217ec99cd040ac94f474b
GET /it/u=3001627347,2749052070&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=737 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 32006
expires: Tue, 21 Feb 2023 11:17:32 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ae18ed76af6f02e623fd95c897db76be
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 11:17:32 GMT
ohc-cache-hit: lz5ct68 [1], suzix68 [2]
ohc-file-size: 32006
x-cache-status: MISS
X-Firefox-Spdy: h2
eclick.baidu.com/rs.jpg?pageSearchId=1675492310299mk3jfrwykw&content=%7BpgSacI%22%22659309m3fwk%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F23.r.uoncmdw%2FE%25EA%255A%259E%255B%255A%25B%254B%25BE%2508%2569%259E%255B%254B%25621332ee%2CpgSacI%22%22659309m3fwk%22%5D%22aeerhd%3A1742129kjryw%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F182ultdw.o%2Fon%258A%259E%255B%2558%254E%25582E%2598%258B%253E%2559%255A%253E%25B8%407_31.x%22%22aeerhd%3A1742129kjryw%7D%7D
111.206.208.190 200 OK 0 B URL HTTP/1.1 eclick.baidu.com/rs.jpg?pageSearchId=1675492310299mk3jfrwykw&content=%7BpgSacI%22%22659309m3fwk%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F23.r.uoncmdw%2FE%25EA%255A%259E%255B%255A%25B%254B%25BE%2508%2569%259E%255B%254B%25621332ee%2CpgSacI%22%22659309m3fwk%22%5D%22aeerhd%3A1742129kjryw%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F182ultdw.o%2Fon%258A%259E%255B%2558%254E%25582E%2598%258B%253E%2559%255A%253E%25B8%407_31.x%22%22aeerhd%3A1742129kjryw%7D%7D
IP 111.206.208.190:0
ASN #4808 China Unicom Beijing Province Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs.jpg?pageSearchId=1675492310299mk3jfrwykw&content=%7BpgSacI%22%22659309m3fwk%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F23.r.uoncmdw%2FE%25EA%255A%259E%255B%255A%25B%254B%25BE%2508%2569%259E%255B%254B%25621332ee%2CpgSacI%22%22659309m3fwk%22%5D%22aeerhd%3A1742129kjryw%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F182ultdw.o%2Fon%258A%259E%255B%2558%254E%25582E%2598%258B%253E%2559%255A%253E%25B8%407_31.x%22%22aeerhd%3A1742129kjryw%7D%7D HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12832.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: image/jpeg
Date: Sat, 04 Feb 2023 06:31:19 GMT
Etag: "62207936-0"
Expires: Sat, 04 Feb 2023 06:31:19 GMT
Last-Modified: Thu, 03 Mar 2022 08:15:50 GMT
Server: nginx
img1.baidu.com/it/u=61696334,2398799334&fm=253&fmt=auto&app=138&f=JPEG?w=347&h=500
182.140.225.35 200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=61696334,2398799334&fm=253&fmt=auto&app=138&f=JPEG?w=347&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 347x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c79ec7faf1c10226dbd265d933b045e
1c84e740bd48f018e2e1aa2a0b47c657cfd1b8a1
c4ec7dab872d90ab64be7c1c0b0ff6a29c7eba9a4eca1142bc2b0bea10c9fda9
GET /it/u=61696334,2398799334&fm=253&fmt=auto&app=138&f=JPEG?w=347&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 10874
expires: Thu, 02 Mar 2023 02:36:52 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 4c79ec7faf1c10226dbd265d933b045e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 02:36:52 GMT
ohc-cache-hit: cd5ct56 [1], qdix210 [4]
ohc-file-size: 10874
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/272495.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/272495.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/272495.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=999301153,1805676453&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
12832.url.tudown.com/uploads/images/975232.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/975232.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/975232.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2879984753,1002444337&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=499
img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
182.140.225.35 200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cf34726fa4301d9a6aa20ab01c48949
c2e2d62afa7f9ea8c84926317c4e24b9a5ca1550
812b249dbeb71ddf6a9584ee84215a82faaa1934e55b6469b91624c6352fd8e2
GET /it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 15312
expires: Tue, 14 Feb 2023 22:00:01 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5cf34726fa4301d9a6aa20ab01c48949
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 22:00:01 GMT
ohc-cache-hit: cd5ct71 [1], qdix219 [4]
ohc-file-size: 15312
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/44587.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/44587.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/44587.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1022130787,2226941520&fm=253&app=120&f=JPEG?w=1422&h=800
12832.url.tudown.com/uploads/images/239831.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/239831.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/239831.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3900078582,800792801&fm=253&fmt=auto&app=138&f=JPEG?w=535&h=500
12832.url.tudown.com/uploads/images/201121.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/201121.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/201121.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=39459435,2891108147&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
lupic.cdn.bcebos.com/20210629/522732_14.jpg
183.60.219.35 200 OK 33 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/522732_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash c229a1e71f4dd7f1c9a7c1e99b27e2eb
51a195723426b1f307730b4ab867fc5754b80ace
a14e662014ff83f5a9631862a27d56b12d051491f3c70d86fd8b42dcda6f653b
GET /20210629/522732_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 32974
expires: Sun, 05 Feb 2023 02:15:56 GMT
last-modified: Thu, 01 Jul 2021 06:40:33 GMT
etag: "c229a1e71f4dd7f1c9a7c1e99b27e2eb"
age: 188115
accept-ranges: bytes
content-md5: wimh5x9N1/HJp8Hpmyfi6w==
x-bce-content-crc32: 0
x-bce-debug-id: kZcBMdSuuyJ8Lz5JiVfrBfEC52CY/C5X6OQagNlXtNh83QxEGR7vyGBc1KQEm4EjQ8lzggIJid7E5mbQTnj1rg==
x-bce-request-id: 9a1379a2-0efe-446d-8acf-413a92a46083
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 02:15:56 GMT
ohc-cache-hit: fs3ct50 [2], qdix130 [2]
ohc-file-size: 32974
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20200412/3059253539_14_800_572.jpg
183.60.219.35 200 OK 47 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3059253539_14_800_572.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x572, components 3\012- data
Hash 46c90d96d419b855557cadf366f09de0
ea7bae150aa31d8a56e544ed2dd70763bbd0e7e3
fd0b0d50a27aeb3d386f23940020b8352d442672bbee1683c36e3b30fe464fc2
GET /20200412/3059253539_14_800_572.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 46818
expires: Sun, 05 Feb 2023 08:52:06 GMT
last-modified: Mon, 13 Apr 2020 12:45:03 GMT
etag: "46c90d96d419b855557cadf366f09de0"
age: 156924
accept-ranges: bytes
content-md5: RskNltQZuFVVfK3zZvCd4A==
x-bce-content-crc32: 2452286848
x-bce-debug-id: CJCUBLsugR4gc4rl+Zgiw/2kMb5p7WT4akhbRf4rLgSNKZRWRX6wqlTrLCh5GBxlxbhGP00MkYvk397cMYU37Q==
x-bce-request-id: 0acb2213-52c5-4eb2-9da0-0e7be2b889ec
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 08:52:06 GMT
ohc-cache-hit: fs3ct53 [4], xaix220 [2]
ohc-file-size: 46818
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/45433.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/45433.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/45433.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500
lupic.cdn.bcebos.com/20191203/3017621031_14.jpg
183.60.219.35 200 OK 39 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3017621031_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 374x267, components 3\012- data
Hash b15ca02c1d48dc050057fc574a114099
db27cacbc8e7c28bd04f0c00db9a263dd92bee62
9a05a5c41a2bfbfe64e678dfcf4bfcc23849cca32d555cf0e019d593a7c1e6f8
GET /20191203/3017621031_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 39172
expires: Sun, 05 Feb 2023 06:36:58 GMT
last-modified: Tue, 03 Dec 2019 09:27:27 GMT
etag: "b15ca02c1d48dc050057fc574a114099"
age: 172112
accept-ranges: bytes
content-md5: sVygLB1I3AUAV/xXShFAmQ==
x-bce-content-crc32: 3739533619
x-bce-debug-id: AvSB1gY11+nXN9jUDXcXHv1sRi2WfEJ/4eJgs43xdfvdGhIaHYn01ljTk8FCEq8YWGBayHwoBZR8WGRKgmSW/A==
x-bce-request-id: ff90185b-0d39-40d9-82bb-e6002bccb9b3
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 06:36:58 GMT
ohc-cache-hit: fs3ct58 [2], qdix210 [4]
ohc-file-size: 39172
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20200412/3035705377_14_800_559.jpg
183.60.219.35 200 OK 43 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3035705377_14_800_559.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x559, components 3\012- data
Hash 3b304c4e78a61a38cd33c024d95dc9ea
8b0e9eed533d3d1288c9b60de368c5b3ac2396fa
f0a5e072c92e0887bad1def0697a305e8f84218d4e688687ac20f2c4d85973b8
GET /20200412/3035705377_14_800_559.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 42742
expires: Tue, 07 Feb 2023 03:29:13 GMT
last-modified: Mon, 13 Apr 2020 12:04:46 GMT
etag: "3b304c4e78a61a38cd33c024d95dc9ea"
accept-ranges: bytes
content-md5: OzBMTnimGjjNM8Ak2V3J6g==
x-bce-content-crc32: 581017950
x-bce-debug-id: vBbH04HmEPyQzITlJOXmUGQRIeJMfy+Grpdtj6Pan5wFylORueqxtIG1batDFQMJowzPbt86YSee9jjztRQGDw==
x-bce-request-id: 62506118-6a01-415e-b8a0-476c8c3253ff
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 03:29:13 GMT
ohc-cache-hit: fs3ct59 [2], bdix111 [4]
ohc-file-size: 42742
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/9074743_14.jpg
183.60.219.35 200 OK 22 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/9074743_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 76cc5fbb5d7a6c2ff236f051f9bd84c3
f373ec10abcd8b3109f16ace1817a37e293fc81e
b0652d196fbf3c6963ce10e34d7eb746b499800b897b583be13a94d60a6ff62f
GET /20210629/9074743_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 22199
expires: Sun, 05 Feb 2023 09:05:41 GMT
last-modified: Fri, 02 Jul 2021 14:44:06 GMT
etag: "76cc5fbb5d7a6c2ff236f051f9bd84c3"
age: 163518
accept-ranges: bytes
content-md5: dsxfu116bC/yNvBR+b2Eww==
x-bce-content-crc32: 0
x-bce-debug-id: 7+wJm9n0SvGjpeX3CxGhsBNVxW3w70WB8M1H4ezggZWHA71HSzYuonwhgp5emtgObunzCa6LN+FgleF6wL9IzQ==
x-bce-request-id: 7e2fd763-cf97-4bf4-a568-b25dfe41bd58
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 09:05:41 GMT
ohc-cache-hit: fs3ct60 [2], czix208 [2]
ohc-file-size: 22199
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 624dd3e8fd2257516c3ee566518986ac
8049fb09f2072e2e5993449e7b3f1ff0a6851861
902fa413c309390611e2c169a9c63dd95629ed6ed4b33646a5bb50558c8936bd
GET /it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpeg
Content-Length: 53043
Connection: keep-alive
Expires: Wed, 22 Feb 2023 02:54:46 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 624dd3e8fd2257516c3ee566518986ac
Age: 191430
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 02:54:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache54 [1], bdix141 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53043
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743
118.180.40.35 200 OK 21 kB URL HTTP/2 img0.baidu.com/it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x743, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 567fab235c019db244d6a66d20b639bd
810cd7d72cd4fbcc559f661b16c9d7f7f46ead80
e55e729fdf0ae84d1b653b88c6fb3f63148418ceb9d90beefe284ccc22b7d3a0
GET /it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 20966
expires: Tue, 21 Feb 2023 04:35:07 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 567fab235c019db244d6a66d20b639bd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:35:07 GMT
ohc-cache-hit: lz5ct54 [1], xaix54 [2]
ohc-file-size: 20966
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1336896760,2293914509&fm=253&fmt=auto?w=1280&h=800
118.180.40.35 200 OK 70 kB URL HTTP/2 img0.baidu.com/it/u=1336896760,2293914509&fm=253&fmt=auto?w=1280&h=800
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a6287a214f5c1f677daec420d2b9e6
2a369f57bec7a4dc3841dcbb3c35aa47c4bbaa05
460ab4e088a816431790f9fae41e710439536cf17cc2f8921623817157eb2aa6
GET /it/u=1336896760,2293914509&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 69738
expires: Tue, 21 Feb 2023 05:34:08 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b4a6287a214f5c1f677daec420d2b9e6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:34:08 GMT
ohc-cache-hit: lz5ct70 [1], qdix180 [4]
ohc-file-size: 69738
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3442397391,4272240420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
118.180.40.35 200 OK 34 kB URL HTTP/2 img0.baidu.com/it/u=3442397391,4272240420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f562671379da607da509f3eb67aedc8
85afdec0c502ec3752d76bdbae24f2a618005fd3
54ed138ba6e260eea20f16a42369063ae9ef51be045734cc245816003662407f
GET /it/u=3442397391,4272240420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 33892
expires: Sat, 18 Feb 2023 09:46:38 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8f562671379da607da509f3eb67aedc8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 09:46:38 GMT
ohc-cache-hit: lz5ct60 [1], wzix60 [4]
ohc-file-size: 33892
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2042546953,3042878300&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300
118.180.40.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=2042546953,3042878300&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7de56c9c9a510a4e0537e752ddc9ea63
6bcea704acfb47da20595303d173e0fb77938304
aad87812c539a9e8b1c2148212056afa7f128a2fc1689a2960dfd6f54a9b779c
GET /it/u=2042546953,3042878300&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 15542
expires: Sat, 04 Feb 2023 12:39:23 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 7de56c9c9a510a4e0537e752ddc9ea63
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 12:39:23 GMT
ohc-cache-hit: lz5ct51 [1], wzix98 [4]
ohc-file-size: 15542
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20220722/3087293832_14_600_429.jpg
183.60.219.35 200 OK 16 kB URL HTTP/2 lupic.cdn.bcebos.com/20220722/3087293832_14_600_429.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x429, components 3\012- data
Hash a14af7ecc4a9868862e7d6e27a7d6836
ad94ee412cbb00ed144e630cb05256f10f953661
56ac43d4bbd135ca97b8284471d25d6ddfddd5764d6fee0987f96a032d8cc3ed
GET /20220722/3087293832_14_600_429.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 16421
expires: Sun, 05 Feb 2023 02:43:39 GMT
last-modified: Tue, 26 Jul 2022 07:58:19 GMT
etag: "a14af7ecc4a9868862e7d6e27a7d6836"
age: 107532
accept-ranges: bytes
content-md5: oUr37MSphohi59bien1oNg==
x-bce-content-crc32: 2055833397
x-bce-debug-id: lXvpRqZl/cAh8kjOejUYSlOidd8uqcCyoPKBvVh4+9fqjFMh//NQpjO+ungRobYLY/IpxUDyi/jNqxj8y0Wh+g==
x-bce-request-id: 7ab53f16-b365-4ece-b741-176c8c6e492b
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 02:43:39 GMT
ohc-cache-hit: fs3ct51 [4], suzix230 [2]
ohc-file-size: 16421
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=999301153,1805676453&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
182.140.225.35 200 OK 9.5 kB URL HTTP/2 img1.baidu.com/it/u=999301153,1805676453&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8f4ee01134d2285e6f46a41a2092e0c
80650efae0a2b4a7d10eaafcd75339a98ccfd723
3e2f5bd77b62cbb1ae7aa5d51a0b366198665f9b96d7ef76e9f468193a456aae
GET /it/u=999301153,1805676453&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 9536
expires: Tue, 21 Feb 2023 06:23:56 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a8f4ee01134d2285e6f46a41a2092e0c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 06:23:56 GMT
ohc-cache-hit: cd5ct79 [1], xaix131 [4]
ohc-file-size: 9536
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2879984753,1002444337&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=499
182.140.225.35 200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=2879984753,1002444337&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=499
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 327x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f4eb24075e30bcc5d5631740bdd49019
6da4cb684b6bb04a8aecdbd97a337db72e9382d0
32470c985454f4db103958cc858680bdac3800f37fc23e9b2271196922d7ec6b
GET /it/u=2879984753,1002444337&fm=253&fmt=auto&app=138&f=JPEG?w=327&h=499 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 16470
expires: Sat, 04 Mar 2023 04:15:09 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: f4eb24075e30bcc5d5631740bdd49019
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 04:15:09 GMT
ohc-cache-hit: cd5ct60 [1], qdix102 [4]
ohc-file-size: 16470
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/13360968_14.jpg
183.60.219.35 200 OK 31 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/13360968_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash dd905acdef23dd02543a84e88700b9c9
9abef1601de64e09f9c220889853b252d3577276
9c3f6b92f8427194cd0105fce09cec2b4535d02e8bf6c0652b4a0d8b21c14e44
GET /20210629/13360968_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:18 GMT
content-type: image/jpeg
content-length: 31294
expires: Sat, 04 Feb 2023 08:11:05 GMT
last-modified: Thu, 01 Jul 2021 18:13:45 GMT
etag: "dd905acdef23dd02543a84e88700b9c9"
age: 233137
accept-ranges: bytes
content-md5: 3ZBaze8j3QJUOoTohwC5yQ==
x-bce-content-crc32: 0
x-bce-debug-id: 6nu5JS4SdBfS+doVMjHB47ly3YTskKEK73mcLSEfH6P/roj3DG2tPFcJdfLTLrmesolPTyHueNYg+6GCKi3edg==
x-bce-request-id: b0702604-6ebf-49e4-ada0-d379795634e1
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 08:11:05 GMT
ohc-cache-hit: fs3ct52 [4], xiangyix158 [2]
ohc-file-size: 31294
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3900078582,800792801&fm=253&fmt=auto&app=138&f=JPEG?w=535&h=500
118.180.40.35 200 OK 37 kB URL HTTP/2 img2.baidu.com/it/u=3900078582,800792801&fm=253&fmt=auto&app=138&f=JPEG?w=535&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 535x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11ec12b2fb4f66ba11410f4f47868751
6c91eb45b4826ceb201bd9767619f4bbe20b019d
f2d092dd80d9580fd51c870084dad8283a44e1baeaa19ea15d0f9f12294d6d81
GET /it/u=3900078582,800792801&fm=253&fmt=auto&app=138&f=JPEG?w=535&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 36958
expires: Tue, 28 Feb 2023 03:02:13 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 11ec12b2fb4f66ba11410f4f47868751
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 03:02:13 GMT
ohc-cache-hit: lz5ct58 [1], xiangyix147 [4]
ohc-file-size: 36958
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/595413.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/595413.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/595413.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=908219215,39289519&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
lupic.cdn.bcebos.com/20210629/10308732_14.jpg
183.60.219.35 200 OK 30 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/10308732_14.jpg
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash c2af44cafff97c385f6550b9e8e164b7
e97d14c1068016cd4bf196c9f06068a82cd72d5c
e3ff1988b9d4c820c6bbb9f4336d377a1c2e14fc6f02c0d4e518de573c42a206
GET /20210629/10308732_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/jpeg
content-length: 30354
expires: Sun, 05 Feb 2023 11:04:26 GMT
last-modified: Tue, 29 Jun 2021 19:11:23 GMT
etag: "c2af44cafff97c385f6550b9e8e164b7"
age: 150930
accept-ranges: bytes
content-md5: wq9Eyv/5fDhfZVC56OFktw==
x-bce-content-crc32: 0
x-bce-debug-id: KfNT8a4m2ot18DaNpuUbBeL+RHzVMNMGrl6ZZG1VYhKBbWK7Nz+UlF3kd7JT6mRRm71MwQUBzz8G+8N7dsTXOA==
x-bce-request-id: e128eee5-b64f-4898-a82b-2cf093e84924
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 11:04:26 GMT
ohc-cache-hit: fs3ct53 [4], qdix87 [2]
ohc-file-size: 30354
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/315281.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/315281.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/315281.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3301224894,3686690544&fm=253&fmt=auto&app=138&f=JPEG?w=834&h=500
img1.baidu.com/it/u=39459435,2891108147&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 21 kB URL HTTP/2 img1.baidu.com/it/u=39459435,2891108147&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a23cb626a4b0b88072c433d4d364ca30
81095046521c6396b7f4dac98e4dac2d6e7e695c
cf95e49d7f372d8589b2d7e8b41cd924295a8775249e52045a7988ac09d9b392
GET /it/u=39459435,2891108147&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 20696
expires: Mon, 06 Feb 2023 04:36:53 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: a23cb626a4b0b88072c433d4d364ca30
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:36:53 GMT
ohc-cache-hit: cd5ct50 [1], suzix247 [4]
ohc-file-size: 20696
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/208929.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/208929.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/208929.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1920079203,390978214&fm=253&fmt=auto?w=1280&h=800
img0.baidu.com/it/u=1022130787,2226941520&fm=253&app=120&f=JPEG?w=1422&h=800
49.79.225.35 200 OK 65 kB URL HTTP/1.1 img0.baidu.com/it/u=1022130787,2226941520&fm=253&app=120&f=JPEG?w=1422&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash e59dc896e515edce6616807580a25bb1
c76c41cbd9c4ae1c6311509c56e68d70327ad29d
956f988178e714699b510baeb984fdfd77b98c7512a6a14ae0910c81140f9757
GET /it/u=1022130787,2226941520&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpeg
Content-Length: 65160
Connection: keep-alive
Expires: Tue, 28 Feb 2023 12:39:28 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: e59dc896e515edce6616807580a25bb1
Age: 172336
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 12:39:28 GMT
Ohc-Cache-HIT: ntct56 [4], xiangyix103 [4]
Ohc-File-Size: 65160
X-Cache-Status: HIT
12832.url.tudown.com/uploads/images/616096.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/616096.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/616096.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2929706406,72747994&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12832.url.tudown.com/uploads/images/467372.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/467372.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/467372.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1927756377,2352421126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
12832.url.tudown.com/uploads/images/383813.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/383813.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/383813.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 76 kB URL HTTP/1.1 t15.baidu.com/it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3d203fedc41dfb1218e27e0669bc9a38
5d9353856de0e35cbd3b4f00aaf903fb423e0ad3
8868b22739aa8848b8534fc17f2e3da45ba552aefb77ee9adea5a32cb10bc293
GET /it/u=2417688547,1972936716&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12832.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:31:19 GMT
Content-Type: image/jpeg
Content-Length: 75587
Connection: keep-alive
Expires: Tue, 28 Feb 2023 11:22:29 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 3d203fedc41dfb1218e27e0669bc9a38
Age: 360865
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 11:22:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], xauncache100 [2], xaix172 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75587
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3301224894,3686690544&fm=253&fmt=auto&app=138&f=JPEG?w=834&h=500
118.180.40.35 200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=3301224894,3686690544&fm=253&fmt=auto&app=138&f=JPEG?w=834&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 834x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b25b53702ec62c559f64395bc719891
484457b75abe678ae1570a6eae93a4df9589e432
ee1e56bb9bbe9066aebc43f916dfe160858714c6f6fc301b7a3d4b8300d4d7bd
GET /it/u=3301224894,3686690544&fm=253&fmt=auto&app=138&f=JPEG?w=834&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 16416
expires: Wed, 22 Feb 2023 01:53:28 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0b25b53702ec62c559f64395bc719891
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:53:28 GMT
ohc-cache-hit: lz5ct69 [1], xaix121 [4]
ohc-file-size: 16416
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1920079203,390978214&fm=253&fmt=auto?w=1280&h=800
118.180.40.35 200 OK 69 kB URL HTTP/2 img2.baidu.com/it/u=1920079203,390978214&fm=253&fmt=auto?w=1280&h=800
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4911847522de08228b2d38a019744e64
565f46dd1494134f4c111d10d4dab934fe39b496
bfc0972609901901b859e305b6aa51cfa29271b5120e68f923eab7329e434a0e
GET /it/u=1920079203,390978214&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:19 GMT
content-type: image/webp
content-length: 68684
expires: Tue, 21 Feb 2023 03:23:17 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 4911847522de08228b2d38a019744e64
age: 482763
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:23:17 GMT
ohc-cache-hit: lz5ct60 [4], suzix207 [4]
ohc-file-size: 68684
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2929706406,72747994&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
118.180.40.35 200 OK 71 kB URL HTTP/2 img2.baidu.com/it/u=2929706406,72747994&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5c254cbf922403900b67bd15ec713716
eea99ad13e0f16ade5eaac45ba6c36a3b5a5a30f
1a001ba0ce5db2995256987dc1fc1b676057a681059c0a55d3476e24cebc8d4a
GET /it/u=2929706406,72747994&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:20 GMT
content-type: image/webp
content-length: 71206
expires: Tue, 14 Feb 2023 08:05:21 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 5c254cbf922403900b67bd15ec713716
age: 155405
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:05:21 GMT
ohc-cache-hit: lz5ct77 [4], qdix77 [2]
ohc-file-size: 71206
x-cache-status: HIT
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/362988.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/362988.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/362988.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=796506120,1467237250&fm=253&fmt=auto&app=138&f=JPEG?w=367&h=500
12832.url.tudown.com/uploads/images/997882.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/997882.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/997882.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2566671299,1175407976&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img2.baidu.com/it/u=1927756377,2352421126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
118.180.40.35 200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=1927756377,2352421126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ab4c8a94370b72071d633ea93022952
b71808872653dc39d6bd373b3cad680f336085c9
d21577c7f169d6f148113bfe8b9155a9fb428751a26cbbfcf8c174dd50ddb42b
GET /it/u=1927756377,2352421126&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:31:20 GMT
content-type: image/webp
content-length: 47710
expires: Wed, 22 Feb 2023 03:30:35 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1ab4c8a94370b72071d633ea93022952
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:30:35 GMT
ohc-cache-hit: lz5ct51 [1], suzix57 [4]
ohc-file-size: 47710
x-cache-status: MISS
X-Firefox-Spdy: h2
12832.url.tudown.com/uploads/images/385213.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/385213.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/385213.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3551758207,3667441579&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
12832.url.tudown.com/uploads/images/979484.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/979484.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/979484.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=352930615,3246846974&fm=224&app=112&f=JPEG?w=500&h=500
12832.url.tudown.com/uploads/images/750679.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/750679.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/750679.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4073123215,305138991&fm=253&app=120&f=JPEG?w=1280&h=800
12832.url.tudown.com/uploads/images/772914.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12832.url.tudown.com/uploads/images/772914.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/772914.jpg HTTP/1.1
Host: 12832.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12832.url.tudown.com/down/%E8%AE%A9%E5%A5%B9%E5%85%B4%E5%A5%8B2%E4%B9%8B%E8%B0%83%E6%95%99%E5%A5%B3%E4%BB%86@271_33312.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675484107
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:31:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=14552907,1680792660&fm=253&app=138&f=JPEG?w=500&h=800
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130 200 OK 0 B URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Sat, 04 Feb 2023 06:31:16 GMT
etag: W/"634e5b0d-371a"
expires: Sat, 04 Feb 2023 07:31:16 GMT
last-modified: Tue, 18 Oct 2022 07:51:41 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c2022e0ef8f837e0-143
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.206 200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12832.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Sat, 04 Feb 2023 06:28:08 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1675492088
via: cache1.l2de2[616,616,304-0,M], cache3.l2de2[617,0], cache8.se1[0,0,200-0,H], cache5.se1[1,0]
age: 185
x-cache: HIT TCP_MEM_HIT dirn:4:99731148
x-swift-savetime: Sat, 04 Feb 2023 06:28:08 GMT
x-swift-cachetime: 600
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9916754922736656276e
X-Firefox-Spdy: h2