r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5769
Expires: Sat, 04 Feb 2023 17:23:28 GMT
Date: Sat, 04 Feb 2023 15:47:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14531
Expires: Sat, 04 Feb 2023 19:49:30 GMT
Date: Sat, 04 Feb 2023 15:47:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Sat, 04 Feb 2023 19:29:56 GMT
Date: Sat, 04 Feb 2023 15:47:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 15:36:15 GMT
content-type: application/json
age: 664
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: M4dxy4YcOX1BzAY1odQT0HyCIXMsSHfKynEgDK1gGMkrgVMzvnF9Jevnn+abnjMZu980LkMgznVaiLRvPdViPA==
x-amz-request-id: N6DDCJ614S60W59Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 15:24:04 GMT
age: 1395
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 15:47:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 14:49:07 GMT
age: 3493
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sat, 04 Feb 2023 16:33:31 GMT
Date: Sat, 04 Feb 2023 15:47:20 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.71.253 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.71.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EHizy1qhYsXt3uPRbhC03A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V5EEThB29eHWgSaBZyHj9WFs1NE=
12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, exported SGML document, Unicode text, UTF-8 text
Hash 5cfffdd43d96f10a6d25f13c03f68c76
15fe3678cc74fab7985ede4ede65e39bf5df39fd
c242daa9e9622b747b0d4f43f7a309e913847fd0030dba6d90a2150074cf2bc5
Analyzer Verdict Alert fortinet Malware
GET /down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12732.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12732.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71 200 OK 4.1 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71 200 OK 1.6 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71 200 OK 353 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71 200 OK 37 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12732.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71 200 OK 8.9 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71 200 OK 799 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71 200 OK 7.6 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20209
Expires: Sat, 04 Feb 2023 21:24:10 GMT
Date: Sat, 04 Feb 2023 15:47:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 55598
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 63408
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 63420
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 63409
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 63231
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 64757
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12732.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71 200 OK 741 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71 200 OK 592 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71 200 OK 1.4 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71 200 OK 577 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12732.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/global.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3dcf364a98ec525459de31da9ef17294
1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93
c5d1b7bb1ab9ead9d1274e898a83e0b153b002a003345b6b36f08f71357110c7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 15:38:34 GMT
last-modified: Sat, 04 Feb 2023 04:54:58 GMT
expires: Sat, 11 Feb 2023 04:54:57 GMT
etag: "1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93"
cache-control: max-age=601328,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 79447e804fcc913d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675525114
via: cache2.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache3.se1[24,23,200-0,H], cache5.se1[25,0], cache3.se1[29,0]
age: 528
x-cache: HIT TCP_REFRESH_HIT dirn:2:320191984
x-swift-savetime: Sat, 04 Feb 2023 15:47:22 GMT
x-swift-cachetime: 1272
timing-allow-origin: *, *
eagleid: 2ff62c9716755256420856737e, 2ff62c9716755256420856737e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3dcf364a98ec525459de31da9ef17294
1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93
c5d1b7bb1ab9ead9d1274e898a83e0b153b002a003345b6b36f08f71357110c7
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 15:38:34 GMT
last-modified: Sat, 04 Feb 2023 04:54:58 GMT
expires: Sat, 11 Feb 2023 04:54:57 GMT
etag: "1b997bb1f6f07f3fca7ed53c26515d21fa1b8c93"
cache-control: max-age=601328,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 79447e804fcc913d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675525114
via: cache2.l2de2[0,-1,304-0,H], cache12.l2de2[0,0], cache5.se1[22,42,200-0,H], cache5.se1[44,0], cache7.se1[46,0]
age: 528
x-cache: HIT TCP_REFRESH_HIT dirn:4:283448285
x-swift-savetime: Sat, 04 Feb 2023 15:47:22 GMT
x-swift-cachetime: 1272
timing-allow-origin: *, *
eagleid: 2ff62c9b16755256420904536e, 2ff62c9b16755256420904536e
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.204 301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.204:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache4.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9816755256421284520e
12732.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71 200 OK 63 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Sun, 05 Feb 2023 03:47:22 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71 200 OK 738 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Sun, 05 Feb 2023 03:47:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130 200 OK 2.2 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5410), with no line terminators
Hash 71019fd4bece6d235fe75bffe859eb22
be95ba0376e00833ea8206ab4a13c69725e92cb5
4b0c7b1ee0821d98a40dee5f62f06088d9f837c96d8d5b77122f2c2f57a75eff
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2206
Connection: keep-alive
Cache-Control: max-age=14400
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 19:47:22 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c20745663ca937dd-143
Server: yunjiasu
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130 200 OK 2.2 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5411), with no line terminators
Hash 5871fcd549aa0ada79216f55fc6eca14
711298c5227c79a85f9eb60392b3c478519396dc
20b238083b6a55c4dae9970e637bae8cee9ea2236c76a7e9932aa25d586267a3
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2204
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 16:47:22 GMT
Last-Modified: Sun, 29 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c207456694eb37e5-143
Server: yunjiasu
12732.url.tudown.com/uploads/images/logo.png?n=4s5lhznxt3s3raxjusiotjno46xkdz4qq3syrnxjqcqolduc&w=250
154.218.151.71 200 OK 3.5 kB URL HTTP/1.1 12732.url.tudown.com/uploads/images/logo.png?n=4s5lhznxt3s3raxjusiotjno46xkdz4qq3syrnxjqcqolduc&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 5bd398e884eb29fa286d97d44052760f
c4c02d36c85181ee3fe926e780cef62eda41394f
9e77b68e1646a5fa8bba77da8c7167685e16b1401b2cbbc441add22cd02bf8b0
GET /uploads/images/logo.png?n=4s5lhznxt3s3raxjusiotjno46xkdz4qq3syrnxjqcqolduc&w=250 HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12732.url.tudown.com/uploads/images/871387.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/871387.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/871387.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Sat, 04 Feb 2023 21:46:15 GMT
Date: Sat, 04 Feb 2023 15:47:22 GMT
Connection: keep-alive
static.mediav.com/js/mvf_g2.js
104.192.110.245 200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Sat, 04 Feb 2023 20:47:22 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc01.lato;HIT from w-sc02.bjmd
12732.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71 200 OK 80 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
Analyzer Verdict Alert fortinet Malware
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:21 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Sun, 05 Feb 2023 03:47:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a7d60eb77ee704162930c6b48c27d6c1
25b149d4af4ecbb0b810732fbc0eb3675910500a
a22cef7d656a03291c80fbbe66b43811e9e7ea9f34e230f0fd92756038b82ebb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 15:47:22 GMT
Last-Modified: Sat, 04 Feb 2023 07:12:34 GMT
ETag: "63de0562-1d7"
Expires: Mon, 06 Feb 2023 07:12:34 GMT
Cache-Control: max-age=141912
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675525642
Via: cache16.l2de2[195,195,200-0,M], cache16.l2de2[196,0], cache1.se1[218,217,200-0,M], cache1.se1[219,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 15:47:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516755256424114792e
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 8b713e782d4daaaf92b087fa2f128979
a4a673654c0544378aa15e1dfab8c7e64eef8698
15764a19559af6a9aa1a79c435c70e3eb0d5b6ceabfb35c50e3a15539faf63ec
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 13:52:11 GMT
ETag: "a4a673654c0544378aa15e1dfab8c7e64eef8698"
Last-Modified: Sat, 04 Feb 2023 13:52:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2587
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79448b62b915b4fa-OSL
static.mediav.com/js/mvf_pm_slider.js
104.192.110.245 200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Sat, 04 Feb 2023 20:47:22 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.lato;HIT from w-sc09.zzzc
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a7d60eb77ee704162930c6b48c27d6c1
25b149d4af4ecbb0b810732fbc0eb3675910500a
a22cef7d656a03291c80fbbe66b43811e9e7ea9f34e230f0fd92756038b82ebb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 15:47:22 GMT
Ali-Swift-Global-Savetime: 1675525642
Via: cache19.l2de2[312,312,200-0,M], cache19.l2de2[313,0], cache3.se1[336,337,200-0,M], cache3.se1[338,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 15:47:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716755256424127114e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a7d60eb77ee704162930c6b48c27d6c1
25b149d4af4ecbb0b810732fbc0eb3675910500a
a22cef7d656a03291c80fbbe66b43811e9e7ea9f34e230f0fd92756038b82ebb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 15:47:22 GMT
Ali-Swift-Global-Savetime: 1675525642
Via: cache14.l2de2[315,315,200-0,M], cache14.l2de2[316,0], cache3.se1[337,337,200-0,M], cache3.se1[339,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 15:47:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716755256424127113e
12732.url.tudown.com/uploads/images/458286.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/458286.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/458286.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1443111533,475388791&fm=253&fmt=auto&app=120&f=JPEG?w=660&h=363
12732.url.tudown.com/uploads/images/844803.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/844803.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/844803.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4102967583,720449785&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=354
12732.url.tudown.com/common/ipnotice/
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12732.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash a994e11113a0d36d42067c31a83e06fe
6349b666191b8d5694a9d467cb738f2a8030e825
3d879530f6884d7fbee4ec463030819e404220a317de3d5083f948e1cb19e15a
Analyzer Verdict Alert fortinet Malware
GET /common/ipnotice/ HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12732.url.tudown.com/uploads/images/371451.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/371451.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/371451.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=4026963693,1107216391&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/277287.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/277287.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/277287.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2359150615,627469233&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a7d60eb77ee704162930c6b48c27d6c1
25b149d4af4ecbb0b810732fbc0eb3675910500a
a22cef7d656a03291c80fbbe66b43811e9e7ea9f34e230f0fd92756038b82ebb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 15:47:22 GMT
Ali-Swift-Global-Savetime: 1675525642
Via: cache25.l2de2[502,501,200-0,M], cache25.l2de2[502,0], cache8.se1[524,524,200-0,M], cache8.se1[525,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 15:47:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16755256424066233e
12732.url.tudown.com/uploads/images/812811.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/812811.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/812811.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2127145328,732012671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
180.97.251.250 200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 15:36:57 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 15:36:57 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675525017
via: cache6.l2ea120-8[52,52,200-0,M], cache27.l2ea120-8[53,0], cache9.cn2205[0,0,200-0,H], cache11.cn2205[0,0]
age: 625
x-cache: HIT TCP_MEM_HIT dirn:13:813447518
x-swift-savetime: Sat, 04 Feb 2023 15:36:57 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb1f16755256429496770e
X-Firefox-Spdy: h2
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.215 404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.215:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Sat, 04 Feb 2023 15:47:22 GMT
ali-swift-global-savetime: 1675525642
via: cache48.l2cn3037[25,24,404-1280,M], cache53.l2cn3037[26,0], cache53.l2cn3037[26,0], vcache19.cn4733[29,29,404-1280,M], vcache17.cn4733[30,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 15:47:22 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c72516755256427761608e
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/221461.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/221461.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/221461.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3958606269,1426629133&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/832176.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/832176.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/832176.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=178608739,32716320&fm=224&app=112&f=JPEG?w=350&h=350
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
180.101.198.211 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3DFFFCE35347F52A3
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 88
ali-swift-global-savetime: 1675307171
via: cache5.l2cn3055[137,136,200-0,M], cache34.l2cn3055[138,0], vcache5.cn4732[0,0,200-0,H], vcache16.cn4732[2,0]
age: 218471
x-cache: HIT TCP_HIT dirn:9:233318430
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256428002773e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
180.101.198.211 200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3C428EB3630F276FE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 117
ali-swift-global-savetime: 1675307171
via: cache12.l2cn3055[156,156,200-0,M], cache36.l2cn3055[158,0], vcache7.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 218471
x-cache: HIT TCP_MEM_HIT dirn:9:53898126
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256428012776e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
180.101.198.211 200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3F1D5B233305BE7E5
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 127
ali-swift-global-savetime: 1675307171
via: cache51.l2cn3055[157,156,200-0,M], cache47.l2cn3055[159,0], vcache1.cn4732[0,1,200-0,H], vcache16.cn4732[3,0]
age: 218471
x-cache: HIT TCP_HIT dirn:10:284702017
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256428002772e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
180.101.198.211 200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3E3631F36348B9DE4
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 88
ali-swift-global-savetime: 1675307171
via: cache25.l2cn3055[109,109,200-0,M], cache76.l2cn3055[111,0], vcache25.cn4732[0,0,200-0,H], vcache16.cn4732[2,0]
age: 218471
x-cache: HIT TCP_HIT dirn:11:237709296
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256428012778e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
180.101.198.211 200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Tue, 03 Jan 2023 14:51:52 GMT
x-oss-request-id: 63B44108DA57CC3430E71280
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 80
ali-swift-global-savetime: 1672757512
via: cache79.l2cn3055[0,0,200-0,H], cache51.l2cn3055[2,0], vcache18.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 2768130
x-cache: HIT TCP_HIT dirn:10:213188726
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 13002341
timing-allow-origin: *
eagleid: b465c62416755256429182856e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
180.101.198.211 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Tue, 03 Jan 2023 11:51:50 GMT
x-oss-request-id: 63B416D62B654B3335D3555D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 135
ali-swift-global-savetime: 1672746710
via: cache4.l2cn3055[0,0,200-0,H], cache34.l2cn3055[1,0], vcache5.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 2778933
x-cache: HIT TCP_HIT dirn:9:233693268
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 12991539
timing-allow-origin: *
eagleid: b465c62416755256430842948e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
180.101.198.211 200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3EEC7423138E2BAB0
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 166
ali-swift-global-savetime: 1675307171
via: cache60.l2cn3055[198,198,200-0,M], cache67.l2cn3055[199,0], vcache27.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 218472
x-cache: HIT TCP_HIT dirn:10:25434270
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256431072958e
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/539515.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/539515.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/539515.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
12732.url.tudown.com/uploads/images/89656.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/89656.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/89656.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1154681949,3347615978&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=500
12732.url.tudown.com/uploads/images/475758.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/475758.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/475758.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2464625651,1606600720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
180.101.198.211 200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3BDCDCF3936A08917
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 43
ali-swift-global-savetime: 1675307171
via: cache36.l2cn3055[57,57,200-0,M], cache30.l2cn3055[58,0], vcache5.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 218472
x-cache: HIT TCP_HIT dirn:9:196091996
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256432023029e
X-Firefox-Spdy: h2
union2.50bang.org/js/duoteall
180.101.190.124 200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash 72d61d39ba783036bb9a92693b68b0f4
41f159955f3087bf1e759ea535577609bf7499dd
71979a4f36bdc6931861cd4daae2b4e17864faf1b61cac427f64f349005fb426
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Length: 370
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a7d60eb77ee704162930c6b48c27d6c1
25b149d4af4ecbb0b810732fbc0eb3675910500a
a22cef7d656a03291c80fbbe66b43811e9e7ea9f34e230f0fd92756038b82ebb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 15:47:23 GMT
Last-Modified: Sat, 04 Feb 2023 07:12:34 GMT
ETag: "63de0562-1d7"
Expires: Mon, 06 Feb 2023 07:12:34 GMT
Cache-Control: max-age=141911
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675525643
Via: cache1.l2de2[773,773,200-0,M], cache1.l2de2[774,0], cache3.se1[795,794,200-0,M], cache3.se1[796,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 15:47:23 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716755256425457287e
12732.url.tudown.com/uploads/images/216078.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/216078.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/216078.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1987992573,1525544017&fm=253&fmt=auto?w=1422&h=800
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
180.101.198.211 200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Tue, 03 Jan 2023 08:39:42 GMT
x-oss-request-id: 63B3E9CEF01BDA30320260CE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "4C7F46FF62D37B2CC7456F8F9EB96611"
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
vary: Accept-Encoding
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 22
content-encoding: gzip
ali-swift-global-savetime: 1672735182
via: cache7.l2cn3055[0,19,200-0,H], cache51.l2cn3055[23,0], vcache27.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 2790461
x-cache: HIT TCP_HIT dirn:9:20475925
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 12980011
timing-allow-origin: *
eagleid: b465c62416755256432093035e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
180.101.198.211 200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 03:08:25 GMT
vary: Accept-Encoding
x-oss-request-id: 634F6A297AA92E33352FF6B9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 29
content-encoding: gzip
ali-swift-global-savetime: 1666148905
via: cache25.l2cn3047[0,0,200-0,H], cache49.l2cn3047[1,0], vcache10.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 9376738
x-cache: HIT TCP_HIT dirn:11:361348434
x-swift-savetime: Wed, 19 Oct 2022 04:31:53 GMT
x-swift-cachetime: 15546992
timing-allow-origin: *
eagleid: b465c62416755256432093036e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/baidu_js_push.js
180.101.198.211 200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Tue, 03 Jan 2023 12:52:52 GMT
x-oss-request-id: 63B42524A2FF263437FD44EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 6
ali-swift-global-savetime: 1672750372
via: cache41.l2cn3055[0,0,200-0,H], cache65.l2cn3055[1,0], vcache24.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 2775271
x-cache: HIT TCP_HIT dirn:9:136430831
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 12995201
timing-allow-origin: *
eagleid: b465c62416755256432213042e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/front_ad.js
180.101.198.211 200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Mon, 30 Jan 2023 14:45:14 GMT
x-oss-request-id: 63D7D7FA375B533033D1ED45
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1675089914
via: cache29.l2cn2641[0,0,200-0,H], cache20.l2cn2641[1,0], vcache2.cn4732[0,0,200-0,H], vcache16.cn4732[2,0]
age: 435729
x-cache: HIT TCP_HIT dirn:11:22325687
x-swift-savetime: Fri, 03 Feb 2023 10:18:49 GMT
x-swift-cachetime: 15222385
timing-allow-origin: *
eagleid: b465c62416755256433123099e
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/652313.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/652313.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/652313.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4272242601,3093854454&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=952
12732.url.tudown.com/uploads/images/419807.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/419807.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/419807.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=496646664,2249254928&fm=224&app=112&f=JPEG?w=500&h=500
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
180.101.198.211 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3EE37C83934296313
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 101
ali-swift-global-savetime: 1675307171
via: cache51.l2cn3055[128,127,200-0,M], cache71.l2cn3055[129,0], vcache3.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 218472
x-cache: HIT TCP_HIT dirn:11:35063887
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62416755256435013212e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
180.101.198.211 200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 180.101.198.211:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Tue, 03 Jan 2023 14:51:52 GMT
x-oss-request-id: 63B44108E8761339321255DD
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 66
ali-swift-global-savetime: 1672757512
via: cache35.l2cn3055[0,0,200-0,H], cache31.l2cn3055[1,0], vcache9.cn4732[0,0,200-0,H], vcache16.cn4732[1,0]
age: 2768131
x-cache: HIT TCP_HIT dirn:9:354643125
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 13002341
timing-allow-origin: *
eagleid: b465c62416755256435083218e
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/682147.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/682147.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/682147.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=905519110,4260712405&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
12732.url.tudown.com/uploads/images/537399.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/537399.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/537399.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=782712908,3305363822&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12732.url.tudown.com/uploads/images/268915.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/268915.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/268915.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1025032097,1279027058&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=401
12732.url.tudown.com/uploads/images/309793.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/309793.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/309793.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2479701200,2263408814&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.215 404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.215:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Sat, 04 Feb 2023 15:47:23 GMT
ali-swift-global-savetime: 1675525643
via: cache48.l2cn3037[20,20,404-1280,M], cache54.l2cn3037[21,0], cache54.l2cn3037[22,0], vcache19.cn4733[26,26,404-1280,M], vcache17.cn4733[27,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 15:47:23 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c72516755256437582470e
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/414148.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/414148.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/414148.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1913668018,255780574&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12732.url.tudown.com/uploads/images/341384.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/341384.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/341384.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2556160408,270397814&fm=253&app=120&f=JPEG?w=1280&h=800
12732.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:23 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71 200 OK 295 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
union2.50bang.org/web/duoteall?uId2=QUTSTNUQRR&r=&fBL=1280*1024
180.101.190.124 200 OK 0 B URL HTTP/1.1 union2.50bang.org/web/duoteall?uId2=QUTSTNUQRR&r=&fBL=1280*1024
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/duoteall?uId2=QUTSTNUQRR&r=&fBL=1280*1024 HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uidFlag=1; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uUid=136163DE7E0C0001037A50670006; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTL=1; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTT=1675525644; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Length: 0
12732.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
12732.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12732.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/template/company/duote-xiazai/css/global.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
12732.url.tudown.com/uploads/images/697801.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/697801.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/697801.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800
12732.url.tudown.com/uploads/images/5193.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/5193.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/5193.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2486954498,2663922424&fm=253&fmt=auto&app=120&f=JPEG?w=888&h=500
12732.url.tudown.com/uploads/images/406893.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/406893.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/406893.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3747757751,3216234103&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=531
12732.url.tudown.com/uploads/images/665949.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/665949.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/665949.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1880593139,1541291693&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505
12732.url.tudown.com/uploads/images/565001.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/565001.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/565001.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1808016061,1340336792&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
12732.url.tudown.com/uploads/images/611065.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/611065.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/611065.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1859839898,486395623&fm=253&fmt=auto&app=138&f=PNG?w=458&h=500
bdcode.2345.com/awycyrm.js
42.81.8.130 200 OK 38 kB URL HTTP/1.1 bdcode.2345.com/awycyrm.js
IP 42.81.8.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 5fbb10e03d1f57d1cc8b11f6733f05e9
6c5795f7e16e68be43e5416cf63e509a6caa58b8
550493b918a5548592ae1a76018c938f3ff7e9f64fe5af1dfcf91839e7270bd8
Analyzer Verdict Alert fortinet Malware
GET /awycyrm.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38255
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 16:47:24 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c207457b3cb837dd-143
Server: yunjiasu
12732.url.tudown.com/uploads/images/640580.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/640580.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/640580.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 81f5c123f4a83e821e1e2f7c4101a7bf
650933ff62323a28072863389d558e213041f68a
5a56d766b7901444e0da4d430348ca3f0ddae9cf26f9bb4f41266c36750572d7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 12:17:24 GMT
ETag: "650933ff62323a28072863389d558e213041f68a"
Last-Modified: Sat, 04 Feb 2023 12:17:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2035
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79448b70dc9eb4fd-OSL
12732.url.tudown.com/uploads/images/160013.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/160013.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/160013.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3527261308,422736669&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12732.url.tudown.com/uploads/images/879494.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/879494.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/879494.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3547934588,425058143&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/412717.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/412717.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/412717.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1148678010,3796072657&fm=253&fmt=auto&app=138&f=JPEG?w=226&h=300
12732.url.tudown.com/uploads/images/790419.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/790419.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/790419.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2372809127,57165781&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/281068.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/281068.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/281068.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
12732.url.tudown.com/uploads/images/141379.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/141379.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/141379.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2420663857,1526987197&fm=253&fmt=auto?w=500&h=313
img0.baidu.com/it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800
182.242.59.35 200 OK 55 kB URL HTTP/1.1 img0.baidu.com/it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 5c70099af0e8618ce537c0f62dc7e990
7cb57e9c796b6176b8be4070b86fb4a00e69b3e4
8c9d074cf8ee3644327c78dce4bbdd1c864f2d6b23089eb5f443e5cc397adeed
GET /it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpeg
Content-Length: 54666
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:03:50 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 5c70099af0e8618ce537c0f62dc7e990
Age: 45537
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 19:03:50 GMT
Ohc-Cache-HIT: km7ct56 [4], xiangyix56 [4]
Ohc-File-Size: 54666
X-Cache-Status: HIT
12732.url.tudown.com/uploads/images/674538.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/674538.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/674538.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1748480310,3664289343&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671
12732.url.tudown.com/uploads/images/619173.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/619173.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/619173.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2516689219,3309501234&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/172114.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/172114.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/172114.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=945998793,3154147444&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
12732.url.tudown.com/uploads/images/778521.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/778521.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/778521.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1700406931,2331889492&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=280
12732.url.tudown.com/uploads/images/633540.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/633540.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/633540.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4208291045,2975080820&fm=224&app=112&f=JPEG?w=368&h=500
img1.baidu.com/it/u=1808016061,1340336792&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
183.136.216.35 200 OK 39 kB URL HTTP/2 img1.baidu.com/it/u=1808016061,1340336792&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b67170dba452c201076f5eab70ed6e8d
7c0c2e175fe21030956e7e654fec7bab1b86a4da
f8ebff036f31fe34ceca66a8da564f71a567abf9dbf6b6136c1e5f3da27a8972
GET /it/u=1808016061,1340336792&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 39254
expires: Sun, 05 Mar 2023 10:49:56 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b67170dba452c201076f5eab70ed6e8d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 10:49:56 GMT
ohc-cache-hit: shaoxct73 [1], qdix239 [4]
ohc-file-size: 39254
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2127145328,732012671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
183.136.216.35 200 OK 43 kB URL HTTP/2 img1.baidu.com/it/u=2127145328,732012671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x714, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3bc7fee1d9581b8ebd154cfd2a418448
06f4937ac56528fd006e1f1e49cbdb7bf2a9bc08
2191d613b9d2d4a05b3ba7dfb8ae3a55f05652699c319a0928503bdc37c44c76
GET /it/u=2127145328,732012671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 43272
expires: Sun, 19 Feb 2023 20:37:04 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3bc7fee1d9581b8ebd154cfd2a418448
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 20:37:04 GMT
ohc-cache-hit: shaoxct61 [1], czix153 [4]
ohc-file-size: 43272
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1025032097,1279027058&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=401
183.136.216.35 200 OK 5.8 kB URL HTTP/2 img1.baidu.com/it/u=1025032097,1279027058&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=401
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x401, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a22f90718f37e42d4cb2081519c6962
41339650cfc7baa610c0010057f81afaab46e92a
f304446e8adeef15ff12df6e3c5e29936dc797c84a2d38f870988be092e5f2e9
GET /it/u=1025032097,1279027058&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=401 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 5790
expires: Mon, 20 Feb 2023 13:00:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6a22f90718f37e42d4cb2081519c6962
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:00:35 GMT
ohc-cache-hit: shaoxct72 [1], czix179 [4]
ohc-file-size: 5790
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1880593139,1541291693&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505
182.242.59.35 200 OK 38 kB URL HTTP/1.1 img0.baidu.com/it/u=1880593139,1541291693&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x505, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 121886da958ce1337f3ab9e8af293363
6e3f3566c239b33e67b84edc16c29800ddb92363
1292d4aa1308df673cf52fb148ed646ade883e180d684fca51cae7bcc04d7d09
GET /it/u=1880593139,1541291693&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=505 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/webp
Content-Length: 37826
Connection: keep-alive
Expires: Mon, 20 Feb 2023 13:48:16 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 121886da958ce1337f3ab9e8af293363
Age: 108738
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 13:48:16 GMT
Ohc-Cache-HIT: km7ct60 [4], xiangyix212 [2]
Ohc-File-Size: 37826
X-Cache-Status: HIT
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash eceaa87d9a3316ee0dcad3fa5f444ee7
74afece1d64ad7c63136ffcd5d58ad1d15a764df
fb586a5f0f8968e29212268bb4bd746eae9cc20b4eda7fc41f1420482c74b3b9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 15:47:25 GMT
last-modified: Thu, 02 Feb 2023 04:39:52 GMT
expires: Thu, 09 Feb 2023 04:39:51 GMT
etag: "74afece1d64ad7c63136ffcd5d58ad1d15a764df"
cache-control: max-age=500058,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 79448b74bd4c35f9-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675525645
via: cache9.l2de2[31,31,304-0,M], cache25.l2de2[32,0], cache8.se1[121,121,200-0,H], cache5.se1[122,0], cache3.se1[124,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:4:281658634
x-swift-savetime: Sat, 04 Feb 2023 15:47:25 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9716755256454482259e, 2ff62c9716755256454482259e
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48 200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 06 Feb 2023 08:39:29 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 112075
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: JT6BkvVLE9azBPO/DzyM7YxGrIXhgA5dvh7eappSaehhbpZwAXTf8t2hHCCbT5PKQBm7He3SXz5sqguLRbgK1Q==
x-bce-request-id: 010843bc-3dd7-4dcd-8bdf-0ab184bc4b71
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 08:39:29 GMT
Ohc-Cache-HIT: wz2ct54 [2], nb2ctcache77 [1]
Ohc-Response-Time: 1 0 0 0 0 0
img0.baidu.com/it/u=2359150615,627469233&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.242.59.35 200 OK 52 kB URL HTTP/2 img0.baidu.com/it/u=2359150615,627469233&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 07c7e9936959498f2f4bf2655abd83d3
84fb255c7df280b5dc63593da7f1ee6f179d76cb
2c3ddf55a4e1886d06ffc5da3b09aa7fc0b76123bd2fe5adbbf5a8f138b55c9b
GET /it/u=2359150615,627469233&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 52372
expires: Mon, 20 Feb 2023 12:33:19 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 07c7e9936959498f2f4bf2655abd83d3
age: 113202
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 12:33:19 GMT
ohc-cache-hit: km7ct52 [4], bdix226 [2]
ohc-file-size: 52372
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
182.242.59.35 200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c521d95ec65fb91c8caa3407c3665104
e5dbcbaed7de685725c53afcc1d529472b60f550
b33b1929f06c2bd207d78623bb71c07e423fddaab7d5fbe65b45b421d5cd5a2e
GET /it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 17046
expires: Fri, 24 Feb 2023 03:31:52 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c521d95ec65fb91c8caa3407c3665104
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 03:31:52 GMT
ohc-cache-hit: km7ct83 [1], xiangyix145 [4]
ohc-file-size: 17046
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2556160408,270397814&fm=253&app=120&f=JPEG?w=1280&h=800
182.140.225.35 200 OK 129 kB URL HTTP/1.1 img2.baidu.com/it/u=2556160408,270397814&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 129 kB (128727 bytes)
Hash f2d96b96bc5d9b349afbb78d14609317
b83fbbfb5c506747134476e146b2fc7ddf559f47
13275e4934a289b3257e7de5136aa4abdaf483be447655142950c1a806c12756
GET /it/u=2556160408,270397814&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:24 GMT
Content-Type: image/jpeg
Content-Length: 128727
Connection: keep-alive
Expires: Sun, 26 Feb 2023 04:32:02 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: f2d96b96bc5d9b349afbb78d14609317
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 04:32:02 GMT
Ohc-Cache-HIT: cd5ct75 [1], czix161 [4]
Ohc-File-Size: 128727
X-Cache-Status: MISS
img0.baidu.com/it/u=1148678010,3796072657&fm=253&fmt=auto&app=138&f=JPEG?w=226&h=300
182.242.59.35 200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=1148678010,3796072657&fm=253&fmt=auto&app=138&f=JPEG?w=226&h=300
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 226x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8bb4f88c5ca9f7f948f562f50ff9c533
601597a4ffab4ef491ae85adb13a32969e5d6048
ec082a86779d5aeb385105bc4d677dbe023e41a802fc0fa5e84307b6163b7212
GET /it/u=1148678010,3796072657&fm=253&fmt=auto&app=138&f=JPEG?w=226&h=300 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 17228
expires: Sat, 18 Feb 2023 04:39:28 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 8bb4f88c5ca9f7f948f562f50ff9c533
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:39:28 GMT
ohc-cache-hit: km7ct72 [1], xiangyix99 [4]
ohc-file-size: 17228
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/781035.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/781035.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/781035.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2791491984,4015087914&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
12732.url.tudown.com/uploads/images/816908.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/816908.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/816908.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/182112.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/182112.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/182112.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2970134638,2658398603&fm=253&app=120&f=JPEG?w=1422&h=800
12732.url.tudown.com/uploads/images/132189.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/132189.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/132189.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
12732.url.tudown.com/uploads/images/27075.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/27075.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/27075.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2635167135,4050530486&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=905519110,4260712405&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
183.136.216.35 200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=905519110,4260712405&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1b1fc4e1469268822a0a77e9d1c728e
c8deb6df3b7224fc88c8ebe40cbc9f49c2f44ed0
856585e8599a475a2eff70065b9a8e11615f91173f2f98b3ec73cd9a41d9dfc5
GET /it/u=905519110,4260712405&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 35972
expires: Fri, 03 Mar 2023 13:50:38 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: f1b1fc4e1469268822a0a77e9d1c728e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 13:50:38 GMT
ohc-cache-hit: shaoxct52 [1], wzix88 [2]
ohc-file-size: 35972
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
183.136.216.35 200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3049dbfe7ea96d05d6d7c2026128dcf1
34aac4a8b7dd83d6684cf1ab6228e547be288d5b
e9dd027587b4c1fcaf0c6931a30402095924640d9d4f8d84df94a90ca04f3419
GET /it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 13460
expires: Sun, 19 Feb 2023 16:46:18 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3049dbfe7ea96d05d6d7c2026128dcf1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 16:46:18 GMT
ohc-cache-hit: shaoxct62 [1], xaix62 [4]
ohc-file-size: 13460
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
183.136.216.35 200 OK 3.1 kB URL HTTP/2 img1.baidu.com/it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x224, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e0b36924c76417173458447c5d9b9d2
7e4be9e21d923e772da56ae4b0d1fac75c9b3696
fe9948d06a5396607b865d329369bb39e88418d6cea25dd78ebf0c6ab3bbb1ac
GET /it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 3148
expires: Tue, 14 Feb 2023 08:55:52 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1e0b36924c76417173458447c5d9b9d2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:55:52 GMT
ohc-cache-hit: shaoxct68 [1], suzix101 [4]
ohc-file-size: 3148
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3527261308,422736669&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.242.59.35 200 OK 69 kB URL HTTP/2 img0.baidu.com/it/u=3527261308,422736669&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a085c5f29709b7346a7b955d1cf0765
ee1669b1c6db1386b9b6bdab2b00bcd585c1ad87
4254e47981e9b0107c4a91543f272622fac2d1c9026188f72d7af4a46f1bd398
GET /it/u=3527261308,422736669&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 69430
expires: Tue, 07 Feb 2023 21:21:01 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1a085c5f29709b7346a7b955d1cf0765
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 21:21:01 GMT
ohc-cache-hit: km7ct60 [1], xaix197 [4]
ohc-file-size: 69430
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1913668018,255780574&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
182.242.59.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=1913668018,255780574&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 94e50f725a8159d28165227103502fae
d54c742be9a671e8f2fc0b6497ff21a0b2c88a20
5b861a250def0d37734e84f31093f2299b8b5ee91306ae8304401dd2390445c9
GET /it/u=1913668018,255780574&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 20072
expires: Wed, 08 Feb 2023 08:34:51 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 94e50f725a8159d28165227103502fae
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 08:34:51 GMT
ohc-cache-hit: km7ct59 [1], bdix234 [4]
ohc-file-size: 20072
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=782712908,3305363822&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
183.136.216.35 200 OK 47 kB URL HTTP/2 img1.baidu.com/it/u=782712908,3305363822&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 461ae0a8dce89aa5c4fd199b7865ee6c
1c39ebea6ffa595f49276b3c3b89bd80fde29a86
3c44c54a13869124ee4aed9c09f4347cbaf9cd173ddaa23a80abefb01426113a
GET /it/u=782712908,3305363822&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 46968
expires: Mon, 06 Mar 2023 15:47:25 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 461ae0a8dce89aa5c4fd199b7865ee6c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 15:47:25 GMT
ohc-cache-hit: shaoxct61 [1], xiangyix238 [2]
ohc-file-size: 46968
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/633691.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/633691.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/633691.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2396899889,1491874221&fm=224&app=112&f=JPEG?w=500&h=500&s=92A0D4A112E2B6E8068D4DBE03007012
img1.baidu.com/it/u=2486954498,2663922424&fm=253&fmt=auto&app=120&f=JPEG?w=888&h=500
183.136.216.35 200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=2486954498,2663922424&fm=253&fmt=auto&app=120&f=JPEG?w=888&h=500
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 888x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8f87db12420fe4355fc07f560cd9f1e
680fa1a55e18f7b8c28b55e18ac33acaa7d10aa1
b0f7c09a1546b9f2f6cc1d45842d123f1a0f21062327500c60bfd4e28abd830e
GET /it/u=2486954498,2663922424&fm=253&fmt=auto&app=120&f=JPEG?w=888&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 27354
expires: Tue, 21 Feb 2023 00:42:09 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d8f87db12420fe4355fc07f560cd9f1e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 00:42:09 GMT
ohc-cache-hit: shaoxct66 [1], qdix152 [4]
ohc-file-size: 27354
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2420663857,1526987197&fm=253&fmt=auto?w=500&h=313
183.136.216.35 200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=2420663857,1526987197&fm=253&fmt=auto?w=500&h=313
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 472cd5151fbd14f3847acb23a33ed919
696f5236a40983d97349f352b92973d805225a43
b9ee10905997d1b72aa96dc306df87d1bb139fec7f033247232539ce31f60bab
GET /it/u=2420663857,1526987197&fm=253&fmt=auto?w=500&h=313 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 19046
expires: Thu, 23 Feb 2023 10:33:37 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 472cd5151fbd14f3847acb23a33ed919
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 10:33:37 GMT
ohc-cache-hit: shaoxct62 [1], bdix227 [2]
ohc-file-size: 19046
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1700406931,2331889492&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=280
183.136.216.35 200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=1700406931,2331889492&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=280
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 499x280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a4f66a90393476c9fc007aa346f8507
bf8715c34ae1f567339a3a1c82a32d25348f8f8a
862b1026ba9bbc59d76bde855082b089d8ad548a1426457a7591389886c8e5df
GET /it/u=1700406931,2331889492&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 16360
expires: Mon, 06 Feb 2023 10:20:59 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1a4f66a90393476c9fc007aa346f8507
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 10:20:59 GMT
ohc-cache-hit: shaoxct54 [1], suzix221 [4]
ohc-file-size: 16360
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2791491984,4015087914&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
183.136.216.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=2791491984,4015087914&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba0ad5446c1f7711962f39a18d3c152a
5e14b191a3b792602374e93092ee98be75b01613
86314858770946f0c95a080ff765823d7fad720be9db0b42097adeb5bcf107d7
GET /it/u=2791491984,4015087914&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 31602
expires: Fri, 03 Mar 2023 02:40:41 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: ba0ad5446c1f7711962f39a18d3c152a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 02:40:41 GMT
ohc-cache-hit: shaoxct63 [1], csix111 [4]
ohc-file-size: 31602
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/372638.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/372638.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/372638.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:25 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
12732.url.tudown.com/uploads/images/904560.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/904560.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/904560.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=152378212,3081094847&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
12732.url.tudown.com/uploads/images/617545.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/617545.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/617545.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=909572906,4015997866&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=631
12732.url.tudown.com/uploads/images/418409.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/418409.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/418409.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1799105427,1730698596&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/40434.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/40434.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/40434.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=446488040,2211681049&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
img0.baidu.com/it/u=1859839898,486395623&fm=253&fmt=auto&app=138&f=PNG?w=458&h=500
182.242.59.35 200 OK 92 kB URL HTTP/2 img0.baidu.com/it/u=1859839898,486395623&fm=253&fmt=auto&app=138&f=PNG?w=458&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 458x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad522d8c5742165428ba0f9997dd4b36
6a748939d83dbc632fd16210e4d5fcc3912cfe0c
1fc00e9ae8025904ce04fa7a12f4272a47cce68da5e8991616fae1a88db0b677
GET /it/u=1859839898,486395623&fm=253&fmt=auto&app=138&f=PNG?w=458&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 91594
expires: Mon, 13 Feb 2023 06:33:07 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: ad522d8c5742165428ba0f9997dd4b36
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 14 Jan 2023 06:33:07 GMT
ohc-cache-hit: km7ct85 [1], wzix98 [4]
ohc-file-size: 91594
x-cache-status: MISS
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 15:47:26 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 15:47:26 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=E07D2944620A08EE171FFDD1F99798AD:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 15:47:26 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
180.122.78.243 200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 180.122.78.243:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:47 GMT
x-oss-request-id: 63B54CAB565BBE34373244FA
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 16
Ali-Swift-Global-Savetime: 1672826027
Via: cache46.l2cn2647[0,0,200-0,H], cache75.l2cn2647[1,0], vcache12.cn2811[0,0,200-0,H], vcache10.cn2811[2,0]
Age: 2699618
X-Cache: HIT TCP_MEM_HIT dirn:9:558982005
X-Swift-SaveTime: Sat, 28 Jan 2023 04:12:56 GMT
X-Swift-CacheTime: 13498851
Timing-Allow-Origin: *
EagleId: b47a4ea016755256458786612e
img0.baidu.com/it/u=1748480310,3664289343&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671
182.242.59.35 200 OK 63 kB URL HTTP/2 img0.baidu.com/it/u=1748480310,3664289343&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x671, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45837f9575590f5c0c378354d7300ed8
bf80f803fb83e6d61c7e7b7b2f2850c7bc716109
8e5421e87b383107c43a1357277ba03de58d6b56cf966e653349c0a625edc895
GET /it/u=1748480310,3664289343&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 63320
expires: Tue, 28 Feb 2023 03:09:14 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 45837f9575590f5c0c378354d7300ed8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 03:09:14 GMT
ohc-cache-hit: km7ct54 [1], xiangyix172 [4]
ohc-file-size: 63320
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=945998793,3154147444&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
182.242.59.35 200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=945998793,3154147444&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a57a17f2dfb3aed215cb76ba498a0874
5a47d2b9e36bd23faf9b129e19b6155c47ac87e7
529676ffdeb0064834758d70ec1c73ac2b66cf3f54155b99ad05d70f5c9fdd60
GET /it/u=945998793,3154147444&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 9998
expires: Fri, 17 Feb 2023 15:02:01 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: a57a17f2dfb3aed215cb76ba498a0874
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 15:02:01 GMT
ohc-cache-hit: km7ct61 [1], wzix61 [2]
ohc-file-size: 9998
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
182.242.59.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e16fa196a20463ddb8d852050f82f528
3d19122dd83e4b5c7bf2f62beccc736b11223768
740cf1e45b94726aec0c7cee734763919a52b32b1605fb38123d8b6a45e31411
GET /it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:25 GMT
content-type: image/webp
content-length: 17954
expires: Fri, 17 Feb 2023 08:17:06 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: e16fa196a20463ddb8d852050f82f528
age: 202595
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 08:17:06 GMT
ohc-cache-hit: km7ct67 [4], suzix95 [2]
ohc-file-size: 17954
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 79d3290d2e25c6aa0bbf1894cc58ee25
dfcd92e6e8545519b79e27ff344ab248d70e45e1
95ba679ac85556e786f4fe289cf5db2bc388ea4b1b116f9ae061067159874a93
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 15:47:25 GMT
Etag: fa7ccdfcd142e887bd556f45fdb6776f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=65D2AFD4F48C54D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
t14.baidu.com/it/u=4208291045,2975080820&fm=224&app=112&f=JPEG?w=368&h=500
185.10.104.124 200 OK 27 kB URL HTTP/1.1 t14.baidu.com/it/u=4208291045,2975080820&fm=224&app=112&f=JPEG?w=368&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 368x500, components 3\012- data
Hash 465a4dcd02253f1efe7bc9f5f384a8c6
066bd3f465a44ea2caeff323e11f476579f83f4e
f3fddb8e3024ce36d61b351b0b88c7426cb4b588f6df761b068abac15650ff43
GET /it/u=4208291045,2975080820&fm=224&app=112&f=JPEG?w=368&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 27222
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:08:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 465a4dcd02253f1efe7bc9f5f384a8c6
Age: 2052985
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:08:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache63 [4], xaix82 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27222
X-Cache-Status: HIT
Timing-Allow-Origin: *
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35 200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Feb 2023 16:10:44 GMT
Last-Modified: Tue, 10 Jan 2023 11:33:17 GMT
ETag: "63bd4cfd-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 2202
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 15:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [2]
Ohc-File-Size: 191
X-Cache-Status: HIT
t14.baidu.com/it/u=3958606269,1426629133&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 46 kB URL HTTP/1.1 t14.baidu.com/it/u=3958606269,1426629133&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bad5944e12473c0a4733a4fa526647ff
2167bd6575150d0e0f46a9a5b58ba83a9693430a
853fe86f0e22fd9db86b44ded194281f3c1f6e58577762825cf56507daef2b67
GET /it/u=3958606269,1426629133&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 46358
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:37:19 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: bad5944e12473c0a4733a4fa526647ff
Age: 387824
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:37:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache50 [1], xaix50 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46358
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=4026963693,1107216391&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 43 kB URL HTTP/1.1 t13.baidu.com/it/u=4026963693,1107216391&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1acddc10580fb36977a99effd7b06e38
b09383fc78e33993fcb468d4be923f0da1a8ec31
18fd68d53e3f40af637c9919ec2754d2a415333786df1e65f8218cbd238c301e
GET /it/u=4026963693,1107216391&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 42991
Connection: keep-alive
Expires: Wed, 08 Feb 2023 02:12:19 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 1acddc10580fb36977a99effd7b06e38
Age: 2054516
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 02:12:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache62 [1], wzix99 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42991
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=1799105427,1730698596&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 60 kB URL HTTP/1.1 t13.baidu.com/it/u=1799105427,1730698596&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fda83c182ee071e2a3a089cf7e91055a
aba8d2cd7fd55994125a948e3ed94311a894efcc
1472a70157c268e3276b3537fbc4db4ca559415191915be5ed058317f1df25dd
GET /it/u=1799105427,1730698596&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 60005
Connection: keep-alive
Expires: Tue, 21 Feb 2023 04:01:15 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: fda83c182ee071e2a3a089cf7e91055a
Age: 1083521
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 04:01:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache55 [4], bdix119 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 60005
X-Cache-Status: HIT
Timing-Allow-Origin: *
12732.url.tudown.com/uploads/images/489099.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/489099.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/489099.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268
t14.baidu.com/it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 67 kB URL HTTP/1.1 t14.baidu.com/it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0b255f9b9ca07df4e9a9722ebe87e8e5
1d98b817887e6f99d329b6c2d8cc710e1977591c
9ec7120865220a6b98c1089668c23416a81f9c65644176f095860f2d9cbaece4
GET /it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 66822
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:04:00 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 0b255f9b9ca07df4e9a9722ebe87e8e5
Age: 2054099
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 07:04:00 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], xauncache100 [1], suzix111 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 66822
X-Cache-Status: HIT
Timing-Allow-Origin: *
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.215 200 OK 30 kB URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.215:0
Hash 0b43437fdeb7c242d8715aa5dfe4ce53
08d4d3a5b232c08400038ebb53e9493fcd03d6a1
d1e7025fe5637e382b37d5434e4cc0df92eee9c61afb5423d06499a40efd7b8f
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Sat, 04 Feb 2023 15:04:54 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1675523094
via: cache59.l2cn3037[0,0,304-0,H], cache27.l2cn3037[0,0], cache27.l2cn3037[1,0], vcache20.cn4733[0,0,200-0,H], vcache17.cn4733[1,0]
age: 2548
x-cache: HIT TCP_MEM_HIT dirn:10:202934290
x-swift-savetime: Sat, 04 Feb 2023 15:05:47 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c72516755256427761609e
content-encoding: gzip
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4102967583,720449785&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=354
182.140.225.35 200 OK 11 kB URL HTTP/2 img2.baidu.com/it/u=4102967583,720449785&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=354
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x354, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8d444f22a8db4929a3e5f0b9d658962f
8874c78fca8e041a9db158606feaf1af28582715
9eeacf10ed50479a97332ca44ed9b986116dd5ed40bced7365fd2036d0f028be
GET /it/u=4102967583,720449785&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=354 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 11030
expires: Sun, 26 Feb 2023 03:38:00 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 8d444f22a8db4929a3e5f0b9d658962f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 03:38:00 GMT
ohc-cache-hit: cd5ct72 [1], xiangyix99 [4]
ohc-file-size: 11030
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
183.136.216.35 200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1602e0d72b4e23bc8d34f7e51d9fe31e
73e4a65840ccd87557424dcd1095522a56d5eb41
d46cd537c18f72bfed3af1c365cea174903b177103c563e8bde3dd5252b3548a
GET /it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 19106
expires: Tue, 07 Feb 2023 12:45:08 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 1602e0d72b4e23bc8d34f7e51d9fe31e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 12:45:08 GMT
ohc-cache-hit: shaoxct66 [1], csix114 [4]
ohc-file-size: 19106
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=152378212,3081094847&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
183.136.216.35 200 OK 54 kB URL HTTP/2 img1.baidu.com/it/u=152378212,3081094847&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x710, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 97a7cab49615d1c00044c25cc5324e58
81ec4bb076e39760f3d3598bfa1fd9de3cc36e3e
d08d7ffe442c954ad47e0e212aade2b23075e385e92aff54eebfe7d1691560a1
GET /it/u=152378212,3081094847&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 53940
expires: Wed, 15 Feb 2023 08:15:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 97a7cab49615d1c00044c25cc5324e58
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 08:15:05 GMT
ohc-cache-hit: shaoxct52 [1], xaix195 [4]
ohc-file-size: 53940
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=446488040,2211681049&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
182.242.59.35 200 OK 6.4 kB URL HTTP/2 img0.baidu.com/it/u=446488040,2211681049&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4ef0dac254e582f82f27b64cd50037d
edd743f4362c8d3055bb78e60b037c3e6d336a12
083eb249c3859894a3758b188c41d55403cee626249ba921866d225fa9ab80be
GET /it/u=446488040,2211681049&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 6388
expires: Fri, 03 Mar 2023 03:45:49 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b4ef0dac254e582f82f27b64cd50037d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 03:45:49 GMT
ohc-cache-hit: km7ct85 [1], suzix107 [4]
ohc-file-size: 6388
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/823390.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/823390.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/823390.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2551813505,798743326&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/323002.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/323002.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/323002.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3484575870,1529232270&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
12732.url.tudown.com/uploads/images/322581.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/322581.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/322581.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
12732.url.tudown.com/uploads/images/719776.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/719776.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/719776.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1860816323,2457517798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=981
t13.baidu.com/it/u=2551813505,798743326&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 49 kB URL HTTP/1.1 t13.baidu.com/it/u=2551813505,798743326&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e392236e88a934d1d3cf7066672b0742
ba2d13bce09cc872278b4d3dc7a6702638a00dad
87629ac9c873802166678912690b483a41d679d8d763c37ad613936b862d65ca
GET /it/u=2551813505,798743326&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 49251
Connection: keep-alive
Expires: Sun, 05 Feb 2023 15:24:07 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e392236e88a934d1d3cf7066672b0742
Age: 2053879
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 15:24:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache51 [1], wzix86 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49251
X-Cache-Status: HIT
Timing-Allow-Origin: *
12732.url.tudown.com/uploads/images/193746.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/193746.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/193746.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4099763382,3424408054&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=4099763382,3424408054&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 50 kB URL HTTP/1.1 t14.baidu.com/it/u=4099763382,3424408054&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a0daf1132a6af382b259c0e998381a27
4c65c2d929fe09c81ba5c301e32c76c4a61797bc
e672f2d895f92b10e0a4a3e00ab141508d561cc9c3b3df5a395ab1ffabb8ff28
GET /it/u=4099763382,3424408054&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 50369
Connection: keep-alive
Expires: Mon, 06 Feb 2023 06:37:46 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: a0daf1132a6af382b259c0e998381a27
Age: 2114834
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 06:37:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache61 [1], xaix226 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50369
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=1154681949,3347615978&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=500
182.140.225.35 200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=1154681949,3347615978&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 584x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbc43f14f3965006bc4bd54944ee5834
6042a8811e6ddf0fab78bb9c2051c7a7b88cc267
ccd4afeef31d215bdba8d215a3385e2ad4a63cf9349124445092678c5ba08111
GET /it/u=1154681949,3347615978&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 18562
expires: Thu, 09 Feb 2023 07:36:06 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bbc43f14f3965006bc4bd54944ee5834
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 07:36:06 GMT
ohc-cache-hit: cd5ct81 [1], xiangyix209 [4]
ohc-file-size: 18562
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1443111533,475388791&fm=253&fmt=auto&app=120&f=JPEG?w=660&h=363
182.140.225.35 200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=1443111533,475388791&fm=253&fmt=auto&app=120&f=JPEG?w=660&h=363
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 660x363, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4e7e215ed4583e651441c239104b1f6
976c7570666c17846ec4cb5a626dfac18ddd1755
f3d3bd5d22e365cbe6c65c776b80e61b7fd7a9acb7381c8249ee482b66c63d51
GET /it/u=1443111533,475388791&fm=253&fmt=auto&app=120&f=JPEG?w=660&h=363 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 16718
expires: Mon, 13 Feb 2023 23:43:25 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d4e7e215ed4583e651441c239104b1f6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 14 Jan 2023 23:43:25 GMT
ohc-cache-hit: cd5ct62 [1], wzix97 [4]
ohc-file-size: 16718
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
182.140.225.35 200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x681, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc144a19de6edc8fac134a63b616f86e
edf8b5ec243bdafe7002c8adc201c958432ba825
a17bd83bd92e7b4f579877358861a1703ccfffb7ec0c419fb55ca80723b9293b
GET /it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 18988
expires: Sun, 19 Feb 2023 07:32:00 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fc144a19de6edc8fac134a63b616f86e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 07:32:00 GMT
ohc-cache-hit: cd5ct77 [1], wzix77 [4]
ohc-file-size: 18988
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1960460048&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=57873&r=0&ww=1152&u=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&tt=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1960460048&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=57873&r=0&ww=1152&u=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&tt=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1960460048&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=57873&r=0&ww=1152&u=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&tt=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 15:47:26 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=649361B7E2E57FC4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12732.url.tudown.com/uploads/images/234373.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/234373.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/234373.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1743507686,1261803091&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=450
12732.url.tudown.com/uploads/images/607909.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/607909.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/607909.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
12732.url.tudown.com/uploads/images/83466.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/83466.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/83466.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3484575870,1529232270&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
183.136.216.35 200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=3484575870,1529232270&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 353x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c52c1aa7e5b3645feff654c01ff77a5
a7ff25203b5519a69857c333ca7f509fe462e57e
a5cccada85b3b3f38899fbb898511e00a3e567b0a5a9a4afe4ea7303a1a11fe2
GET /it/u=3484575870,1529232270&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 22722
expires: Wed, 22 Feb 2023 03:32:39 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 8c52c1aa7e5b3645feff654c01ff77a5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:32:39 GMT
ohc-cache-hit: shaoxct50 [1], xaix132 [4]
ohc-file-size: 22722
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1860816323,2457517798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=981
182.242.59.35 200 OK 38 kB URL HTTP/2 img0.baidu.com/it/u=1860816323,2457517798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=981
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x981, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a810cb9662aacd3acb2c2b1a3c6687b
19a165caaf10c3bfabca5e7e5e0cdf99d838f053
47d8d67372db5a255bb5a87106be70e467a49e53d40882825f2c22e6c6853099
GET /it/u=1860816323,2457517798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=981 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 37878
expires: Sun, 26 Feb 2023 01:28:25 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3a810cb9662aacd3acb2c2b1a3c6687b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 01:28:25 GMT
ohc-cache-hit: km7ct85 [1], bdix230 [4]
ohc-file-size: 37878
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/883871.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/883871.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/883871.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=466953155,205157467&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
12732.url.tudown.com/uploads/images/732225.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/732225.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/732225.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3186698285,4074400735&fm=253&app=120&f=JPEG?w=1280&h=800
12732.url.tudown.com/uploads/images/41714.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/41714.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/41714.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3897158553,3167431377&fm=253&fmt=auto&app=138&f=JPEG?w=460&h=292
img0.baidu.com/it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
182.242.59.35 200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 104d4fcfad56cf3a65de0a90ef23ffb4
c76fae2ccb5e63522ca6ffe4d7637e87680319c4
9570e295f5f5135fe869cd6626f53d5ed098c763a1204662fc4c4d0fe748a149
GET /it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 13836
expires: Sat, 04 Mar 2023 14:03:09 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 104d4fcfad56cf3a65de0a90ef23ffb4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 14:03:09 GMT
ohc-cache-hit: km7ct71 [1], xiangyix168 [4]
ohc-file-size: 13836
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2372809127,57165781&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 30 kB URL HTTP/1.1 t13.baidu.com/it/u=2372809127,57165781&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bc3031ce08751615b6807d97f754b934
7cd5bae5edcad0f97c279857a3ee5af078830dd5
716efbba5ced4777c7dd3a86960cc15fb7445de7a957bdb877ee882b2b95a326
GET /it/u=2372809127,57165781&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 30435
Connection: keep-alive
Expires: Sun, 05 Mar 2023 10:49:55 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bc3031ce08751615b6807d97f754b934
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 10:49:55 GMT
Ohc-Upstream-Trace: 113.142.198.177; 58.20.204.55
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache64 [4], xaix177 [2]
Ohc-Response-Time: 1 0 0 0 615 615
Ohc-File-Size: 30435
X-Cache-Status: MISS
Timing-Allow-Origin: *
img2.baidu.com/it/u=1987992573,1525544017&fm=253&fmt=auto?w=1422&h=800
182.140.225.35 200 OK 100 kB URL HTTP/2 img2.baidu.com/it/u=1987992573,1525544017&fm=253&fmt=auto?w=1422&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 211bd3fb1c8c4f71828cadd005e0d1cc
41621bf636b6a2f2500c99eef3a95c9500a1687a
9a994cb54b38445cdf65d0e0836d3536864d0516ec994e0dc28473944a3e5d40
GET /it/u=1987992573,1525544017&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 99470
expires: Mon, 20 Feb 2023 12:38:38 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 211bd3fb1c8c4f71828cadd005e0d1cc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 12:38:38 GMT
ohc-cache-hit: cd5ct73 [1], qdix108 [4]
ohc-file-size: 99470
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3547934588,425058143&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=3547934588,425058143&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 76131008a9d1cb0b87abad6deae931b7
8cbf62227b45729dc108729ff4d14df241f44da1
e67d30228758d35fa1e2047140f820ddf71c0d917bac2cbd7731942bc04a402a
GET /it/u=3547934588,425058143&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 18734
expires: Sun, 12 Feb 2023 00:18:59 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 76131008a9d1cb0b87abad6deae931b7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 00:18:59 GMT
ohc-cache-hit: cd5ct52 [1], czix240 [4]
ohc-file-size: 18734
x-cache-status: MISS
X-Firefox-Spdy: h2
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3965713834&s2=1566741629&ltu=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&dc=3&ti=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=1802x0&drs=3&pcs=1140x824&pss=1200x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675525680&psr=1280x1024&par=1280x1024&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675525681&dtm=HTML_POST&tpr=1675525680954&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=166e2c2b76459bc1&dft=0&ft=1
182.61.200.109 200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3965713834&s2=1566741629&ltu=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&dc=3&ti=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=1802x0&drs=3&pcs=1140x824&pss=1200x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675525680&psr=1280x1024&par=1280x1024&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675525681&dtm=HTML_POST&tpr=1675525680954&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=166e2c2b76459bc1&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7457)
Hash 23da41df880544204c128d7a614b9ac5
77922831d86462cc15f8204d6744327eb9392fc0
bd56dc947dee39110a2a2730ec74de2aa296bf63f20579fa6c7110bdfbbe898b
GET /s?wid=910&hei=120&di=u4965894&s1=3965713834&s2=1566741629&ltu=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&dc=3&ti=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=1802x0&drs=3&pcs=1140x824&pss=1200x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675525680&psr=1280x1024&par=1280x1024&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675525681&dtm=HTML_POST&tpr=1675525680954&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=166e2c2b76459bc1&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 04 Feb 2023 15:47:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 23:47:26 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=75A54DFFA14A92E88E91B7A251CB81D1:FG=1; expires=Sun, 04-Feb-54 15:47:26 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13257
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/287616.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/287616.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/287616.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3206947797,2357396840&fm=224&app=112&f=JPEG?w=284&h=284
t13.baidu.com/it/u=3206947797,2357396840&fm=224&app=112&f=JPEG?w=284&h=284
185.10.104.124 200 OK 17 kB URL HTTP/1.1 t13.baidu.com/it/u=3206947797,2357396840&fm=224&app=112&f=JPEG?w=284&h=284
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 284x284, components 3\012- data
Hash e6a62f11a428979a2bad5559994e8ca4
aa896c0d9e8335d8b2ab2d1bd1451fb9d10ffdff
0aa72d417040bebc91edbc2edb4d462b3808b2a28bc240c9c8fff204f4e9ad12
GET /it/u=3206947797,2357396840&fm=224&app=112&f=JPEG?w=284&h=284 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 17119
Connection: keep-alive
Expires: Thu, 16 Feb 2023 16:06:27 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: e6a62f11a428979a2bad5559994e8ca4
Age: 1433345
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 16:06:27 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache57 [1], suzix220 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 17119
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
182.242.59.35 200 OK 810 B URL HTTP/2 img0.baidu.com/it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 796c7d7f62542860b46d1188ecfe0f01
a2e6823f7ae657afe400847cedc01dd277acf53e
d9c03db5264f2bbe1fb2ebe707a07e4ecf9123f0fc039c1008e00aca96f80468
GET /it/u=605535103,844291182&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 810
expires: Wed, 22 Feb 2023 01:29:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 796c7d7f62542860b46d1188ecfe0f01
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:29:23 GMT
ohc-cache-hit: km7ct59 [1], czix174 [4]
ohc-file-size: 810
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4272242601,3093854454&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=952
182.140.225.35 200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=4272242601,3093854454&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=952
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x952, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 615a681704246683d939ffdf83f7c391
ebe315d3321780f364ae033e99e7a6a25b28de5c
605bc4f04ae761d4a2c4450ef293d4565daf4ce4193f92f8a2eb21ba741868de
GET /it/u=4272242601,3093854454&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=952 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 31958
expires: Sat, 11 Feb 2023 13:45:49 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 615a681704246683d939ffdf83f7c391
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 13:45:49 GMT
ohc-cache-hit: cd5ct50 [1], suzix123 [4]
ohc-file-size: 31958
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2970134638,2658398603&fm=253&app=120&f=JPEG?w=1422&h=800
182.242.59.35 200 OK 145 kB URL HTTP/1.1 img0.baidu.com/it/u=2970134638,2658398603&fm=253&app=120&f=JPEG?w=1422&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 145 kB (144982 bytes)
Hash d1263292975c2efe67b899a91bd7721f
2f38b95a4c2cfc3eca1ec843e78d49e8626a13d0
96156ef718f5abd33c78f0a2a5cd77b2d54c14d984b4759c339cb44e41d13d26
GET /it/u=2970134638,2658398603&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:26 GMT
Content-Type: image/jpeg
Content-Length: 144982
Connection: keep-alive
Expires: Mon, 06 Mar 2023 15:47:26 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: d1263292975c2efe67b899a91bd7721f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 15:47:26 GMT
Ohc-Cache-HIT: km7ct73 [2], czix180 [4]
Ohc-File-Size: 144982
X-Cache-Status: MISS
img2.baidu.com/it/u=3747757751,3216234103&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=531
182.140.225.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=3747757751,3216234103&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=531
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x531, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b1e13ea0f9a55db509f3e06047eb210
fac68ad7c0b0eb98f286c2e7b932f1fb2191a35f
04c04f993f8d9ecfb8941a80df68facfec8527496737568bec69051eea684e51
GET /it/u=3747757751,3216234103&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=531 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 29644
expires: Thu, 23 Feb 2023 10:25:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6b1e13ea0f9a55db509f3e06047eb210
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 10:25:23 GMT
ohc-cache-hit: cd5ct69 [1], bdix186 [4]
ohc-file-size: 29644
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=909572906,4015997866&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=631
182.140.225.35 200 OK 9.6 kB URL HTTP/2 img2.baidu.com/it/u=909572906,4015997866&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=631
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x631, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd05b8069277fb366f83afc47134149c
d6e2117485fb31409ca75d7019240d26a5d49d8c
9744681be0200e182e7e5259c3f1a64c753a938b829721d424448aedbf730640
GET /it/u=909572906,4015997866&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=631 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 9570
expires: Sun, 12 Feb 2023 06:17:51 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: dd05b8069277fb366f83afc47134149c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 06:17:51 GMT
ohc-cache-hit: cd5ct59 [1], qdix59 [2]
ohc-file-size: 9570
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2464625651,1606600720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.140.225.35 200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=2464625651,1606600720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7a2ec1ee4fe8245bac208061e1f83178
576fc02c45a5bbef734f2604b639b977f87a506c
5c682dae2a9768876aff7f047ab1ea89c273a2ceb3196b930f305daba1d5a97f
GET /it/u=2464625651,1606600720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 15148
expires: Mon, 06 Mar 2023 15:47:26 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 7a2ec1ee4fe8245bac208061e1f83178
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 15:47:26 GMT
ohc-cache-hit: cd5ct54 [1], suzix228 [2]
ohc-file-size: 15148
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268
182.140.225.35 200 OK 3.5 kB URL HTTP/2 img2.baidu.com/it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 508x268, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc61b6e3c6a007facb24e887cbf78eec
aa9cf1edb99a3b2ed9656a2cdbd0117cb9599a6e
395c6d621738559cb70e95b4c07e83fe638da0d63c41e308769fb739fd093a7a
GET /it/u=3275485709,1879986680&fm=253&fmt=auto&app=138&f=JPEG?w=508&h=268 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 3532
expires: Mon, 06 Mar 2023 15:47:26 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: bc61b6e3c6a007facb24e887cbf78eec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 15:47:26 GMT
ohc-cache-hit: cd5ct61 [1], xiangyix232 [2]
ohc-file-size: 3532
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1743507686,1261803091&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=450
182.140.225.35 200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=1743507686,1261803091&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=450
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbe1744eb36b1ead27dde2306fd88653
fd13f17be37e3508652156a55de28c422ee1c399
cbb7b281f7ed7f36143b2cd8e19f0bfaa9cbd50ef45ad1c0c85cfdd20c7fa69c
GET /it/u=1743507686,1261803091&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=450 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:26 GMT
content-type: image/webp
content-length: 11956
expires: Fri, 03 Mar 2023 14:19:00 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bbe1744eb36b1ead27dde2306fd88653
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 14:19:00 GMT
ohc-cache-hit: cd5ct58 [1], wzix118 [4]
ohc-file-size: 11956
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/881604.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/881604.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/881604.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=944643861,648959183&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=500
img2.baidu.com/it/u=3186698285,4074400735&fm=253&app=120&f=JPEG?w=1280&h=800
182.140.225.35 200 OK 73 kB URL HTTP/1.1 img2.baidu.com/it/u=3186698285,4074400735&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 6d56ccfce206848e626c3b134e5b4c93
c6cd62b23680dc983376bf9d1a5f340d0dd73cfb
d34e8b4c4b304a00dfb024c1f3685c4cceee19d79ca8509b06b821a1c6147d1e
GET /it/u=3186698285,4074400735&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 72608
Connection: keep-alive
Expires: Sun, 05 Mar 2023 11:20:57 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 6d56ccfce206848e626c3b134e5b4c93
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 11:20:57 GMT
Ohc-Cache-HIT: cd5ct80 [1], wzix89 [2]
Ohc-File-Size: 72608
X-Cache-Status: MISS
12732.url.tudown.com/uploads/images/132758.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/132758.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/132758.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3124343620,2940080505&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
12732.url.tudown.com/uploads/images/515341.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/515341.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/515341.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1373074618,4104553767&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/244077.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/244077.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/244077.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2336765679,4167357952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=571
12732.url.tudown.com/uploads/images/519650.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/519650.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/519650.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2834301155,2452667106&fm=253&app=120&f=JPEG?w=1280&h=800
bdcode.2345.com/rvsptpid.js
42.81.8.130 200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/rvsptpid.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /rvsptpid.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 16:47:27 GMT
Last-Modified: Fri, 28 Oct 2022 03:41:54 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c20745983cc737dd-143
Server: yunjiasu
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=118434110&s2=534447821&ltu=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&dc=3&ti=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=2136x0&drs=3&pcs=1140x824&pss=1200x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675525680&psr=1280x1024&par=1280x1024&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675525681&dtm=HTML_POST&tpr=1675525680954&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=166e2c2b76459bc1&dft=0&ft=1
182.61.200.109 200 OK 14 kB URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=118434110&s2=534447821&ltu=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&dc=3&ti=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=2136x0&drs=3&pcs=1140x824&pss=1200x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675525680&psr=1280x1024&par=1280x1024&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675525681&dtm=HTML_POST&tpr=1675525680954&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=166e2c2b76459bc1&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38365)
Hash fd60b93d4b967264e04f82ed51d44f15
6303a0dcebd9e80713063af2160d7f36b1ff058f
19c803975d61aaa2469da96e5256b268331d49b146dd9dabab0c42296d493af2
GET /s?wid=890&hei=200&di=u5039524&s1=118434110&s2=534447821&ltu=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&dc=3&ti=yabo888vip%E7%BD%91%E9%A1%B5%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875&ps=2136x0&drs=3&pcs=1140x824&pss=1200x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675525680&psr=1280x1024&par=1280x1024&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675525681&dtm=HTML_POST&tpr=1675525680954&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=166e2c2b76459bc1&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 04 Feb 2023 15:47:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 23:47:26 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=75A54DFFA14A92E8D1EF048B5C71B318:FG=1; expires=Sun, 04-Feb-54 15:47:26 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14507
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3897158553,3167431377&fm=253&fmt=auto&app=138&f=JPEG?w=460&h=292
182.242.59.35 200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=3897158553,3167431377&fm=253&fmt=auto&app=138&f=JPEG?w=460&h=292
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 460x292, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86bf2448c4a91e988277ccf48797a1fe
6ca4417ae401649a9334c39554654326f49473d8
79ca5cdc55d10b554a3e42967e304dc1ed9a901a40a01823d9d612c40dd3caab
GET /it/u=3897158553,3167431377&fm=253&fmt=auto&app=138&f=JPEG?w=460&h=292 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 16902
expires: Sun, 05 Feb 2023 03:50:06 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 86bf2448c4a91e988277ccf48797a1fe
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 03:50:06 GMT
ohc-cache-hit: km7ct82 [1], csix82 [4]
ohc-file-size: 16902
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=466953155,205157467&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
182.242.59.35 200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=466953155,205157467&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bf9955a0abe763b1d176ae58c3bf567
2e6992f68013f2e12c4792b17793f898348899c9
f584d69dc94d377d21961e4b11ecd7ae12b12ce26f758bf76b0248b80329760e
GET /it/u=466953155,205157467&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 29688
expires: Thu, 16 Feb 2023 05:25:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1bf9955a0abe763b1d176ae58c3bf567
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 05:25:47 GMT
ohc-cache-hit: km7ct56 [1], czix92 [4]
ohc-file-size: 29688
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/531414.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/531414.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/531414.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img1.baidu.com/it/u=1373074618,4104553767&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
183.136.216.35 200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=1373074618,4104553767&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad3bdf5d4fcbb7c1b69a74e0c7194059
87150cc3c0ab4b243a28238e3e928fd5c8ee88e7
64c4a733089a8616db3b637b86d28dd9b6af8069a17ad32c7c2325873fd6d665
GET /it/u=1373074618,4104553767&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 20332
expires: Sun, 05 Feb 2023 16:56:25 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: ad3bdf5d4fcbb7c1b69a74e0c7194059
age: 370879
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 16:56:25 GMT
ohc-cache-hit: shaoxct58 [4], wzix58 [2]
ohc-file-size: 20332
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2336765679,4167357952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=571
183.136.216.35 200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=2336765679,4167357952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=571
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x571, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31cef7688c2367345943c9898a23be6e
6989dbf316a026f35e8796c0259c505f9e100feb
a096e27d64b23a8c8671de2dcd1406071f5eb2c73eccc95c81941df5b337abb1
GET /it/u=2336765679,4167357952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=571 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 29738
expires: Fri, 17 Feb 2023 07:29:34 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 31cef7688c2367345943c9898a23be6e
age: 271128
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 07:29:34 GMT
ohc-cache-hit: shaoxct69 [4], suzix115 [2]
ohc-file-size: 29738
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3124343620,2940080505&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
182.140.225.35 200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=3124343620,2940080505&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66977e062032a031f3dda1816ccb8bd4
8cac11d87097e383e22bfb9f46bed652ffcab0a8
d99c6e21fa4a9a2f09fed2b9bacbb8c75c4d907f7b93f01f85107b20b70e8376
GET /it/u=3124343620,2940080505&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 16442
expires: Sat, 11 Feb 2023 10:28:35 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 66977e062032a031f3dda1816ccb8bd4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 10:28:35 GMT
ohc-cache-hit: cd5ct74 [1], suzix144 [4]
ohc-file-size: 16442
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=944643861,648959183&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=500
182.242.59.35 200 OK 23 kB URL HTTP/1.1 img0.baidu.com/it/u=944643861,648959183&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=500
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 496x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc496f83fff7b9f5522b1d84d26504cd
a26b6e055750f311c13aa90a6d802333488353cc
1687efc382c13221511738d14aff81c3420ba1d9c89e6ecf38631a198e85ee25
GET /it/u=944643861,648959183&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/webp
Content-Length: 23226
Connection: keep-alive
Expires: Wed, 22 Feb 2023 02:23:28 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: dc496f83fff7b9f5522b1d84d26504cd
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 02:23:28 GMT
Ohc-Cache-HIT: km7ct84 [1], czix227 [4]
Ohc-File-Size: 23226
X-Cache-Status: MISS
12732.url.tudown.com/uploads/images/478876.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/478876.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/478876.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2763544410,3614962004&fm=253&fmt=auto&app=120&f=JPEG?w=480&h=270
12732.url.tudown.com/uploads/images/334967.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/334967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/334967.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2236806891,4120767610&fm=253&fmt=auto&app=120&f=JPEG?w=1067&h=800
t15.baidu.com/it/u=496646664,2249254928&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 21 kB URL HTTP/1.1 t15.baidu.com/it/u=496646664,2249254928&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e1a94e99940f086be3d1d7c00d68d931
90658bcb1d987255678fc99e9ee2bcbca45c02da
62c690849c6d0df403421a391e15a4809cd1649f4ad16c2070f05c941689c1b2
GET /it/u=496646664,2249254928&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 20785
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:28:16 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: e1a94e99940f086be3d1d7c00d68d931
Age: 2053365
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 02:28:16 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache64 [4], suzix174 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20785
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=2479701200,2263408814&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 28 kB URL HTTP/1.1 t15.baidu.com/it/u=2479701200,2263408814&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 80efc02fcce992339adc824c5b8c2bae
ea7f92e4b634b3dd77a86a5bbe61da01b794beaf
31e6b7c11b96ca3cd75b279c35bcd91f4a5dd6713fb24af5028fec9f53332d7e
GET /it/u=2479701200,2263408814&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 28305
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:02:33 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 80efc02fcce992339adc824c5b8c2bae
Age: 2054388
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 03:02:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache55 [4], suzix70 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28305
X-Cache-Status: HIT
Timing-Allow-Origin: *
12732.url.tudown.com/uploads/images/293915.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/293915.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/293915.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2482915275,1971596915&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=358
12732.url.tudown.com/uploads/images/423742.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/423742.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/423742.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1612866542,1335902659&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=2396899889,1491874221&fm=224&app=112&f=JPEG?w=500&h=500&s=92A0D4A112E2B6E8068D4DBE03007012
185.10.104.124 200 OK 70 kB URL HTTP/1.1 t15.baidu.com/it/u=2396899889,1491874221&fm=224&app=112&f=JPEG?w=500&h=500&s=92A0D4A112E2B6E8068D4DBE03007012
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b07217f668f44b70812a60465370d765
ed0d6f784726e63af6f0a59ea6f42657112622e4
447bf7eeaec571e6b024e71581bb89b6a5298f43bbf238fb762c10870126c431
GET /it/u=2396899889,1491874221&fm=224&app=112&f=JPEG?w=500&h=500&s=92A0D4A112E2B6E8068D4DBE03007012 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 70147
Connection: keep-alive
Expires: Tue, 14 Feb 2023 12:15:48 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: b07217f668f44b70812a60465370d765
Age: 1600323
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 12:15:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache53 [4], xaix139 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 70147
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=2635167135,4050530486&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t15.baidu.com/it/u=2635167135,4050530486&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3c48935a56a8c257b119112e1004ce2e
182d008c12bd8f9d1ca55166548b42080f906ebf
101dce329a76502e0966fab942af76c1df0db3665eb311ec2d2d7f3430ce8e25
GET /it/u=2635167135,4050530486&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 44033
Connection: keep-alive
Expires: Mon, 06 Mar 2023 07:48:34 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 3c48935a56a8c257b119112e1004ce2e
Age: 14016
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 07:48:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache59 [1], qdix241 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44033
X-Cache-Status: HIT
Timing-Allow-Origin: *
12732.url.tudown.com/uploads/images/392273.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/392273.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/392273.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 964c27c69f542fbbc3ea73f97c6549b3
4d60b436f0d64cb4d99ff6af20ac801d81b2ab78
95a2ca0e4d1719c2a5ceb4112562db021371fce9b45219777399de97c6d423b0
GET /it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 53790
Connection: keep-alive
Expires: Fri, 10 Feb 2023 09:57:45 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 964c27c69f542fbbc3ea73f97c6549b3
Age: 2049927
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 09:57:45 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache56 [1], qdix180 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53790
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1612866542,1335902659&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=1612866542,1335902659&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash af61f0c4c49b9c5a2794de949403419e
327c063fec078aae0785cd4cab909705663227f5
fe7e2c033be46f2a8f9fe24d149be7fba81a85ea988d72c80c32a564b9f9b832
GET /it/u=1612866542,1335902659&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 39516
Connection: keep-alive
Expires: Wed, 08 Feb 2023 08:35:07 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: af61f0c4c49b9c5a2794de949403419e
Age: 393171
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 08:35:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache58 [1], xiangyix74 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39516
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 39 kB URL HTTP/1.1 t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0040264420ef153ab3c0b7e7e83d0b42
f6ac9efcf4df9f7ec29859c8e94b2e8b1415bc76
820fda4cc93ddedda12c439a81a29b7fd5b0e2a948aeb231d20ba058474d3575
GET /it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 39445
Connection: keep-alive
Expires: Thu, 16 Feb 2023 11:07:20 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 0040264420ef153ab3c0b7e7e83d0b42
Age: 1498696
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 11:07:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [1], wzix117 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39445
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f5ae181dda2c0292f1605600cb31e380
623a247e7f782d19dc086b7119657d2cc9b6736e
9ca5906fcff81e57ddaa07220dd4751a97433abc94ba1139ff5e0b2d81ffdba5
GET /it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 40304
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:04:36 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f5ae181dda2c0292f1605600cb31e380
Age: 2053240
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 14:04:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache51 [1], csix83 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40304
X-Cache-Status: HIT
Timing-Allow-Origin: *
12732.url.tudown.com/uploads/images/824850.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/824850.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/824850.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4241759297,2913637654&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=2834301155,2452667106&fm=253&app=120&f=JPEG?w=1280&h=800
182.242.59.35 200 OK 78 kB URL HTTP/1.1 img0.baidu.com/it/u=2834301155,2452667106&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 4ee0919f4649f4d8e3dfd1a71f9a4c2a
ca9323659e6ef272e2ec905efb3fcc8a2187b608
6205b7c5e7e99abc4a2147a1eefdd77072721ca382b4f9d8bf22cd4a081dc2c4
GET /it/u=2834301155,2452667106&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpeg
Content-Length: 77791
Connection: keep-alive
Expires: Mon, 20 Feb 2023 16:02:58 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4ee0919f4649f4d8e3dfd1a71f9a4c2a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 16:02:58 GMT
Ohc-Cache-HIT: km7ct62 [1], bdix248 [4]
Ohc-File-Size: 77791
X-Cache-Status: MISS
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130 200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Sat, 04 Feb 2023 15:47:27 GMT
etag: W/"639b0691-850"
expires: Sat, 04 Feb 2023 16:47:27 GMT
last-modified: Thu, 15 Dec 2022 11:35:45 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c207459e895337df-143
content-length: 783
X-Firefox-Spdy: h2
t14.baidu.com/it/u=4241759297,2913637654&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 46 kB URL HTTP/1.1 t14.baidu.com/it/u=4241759297,2913637654&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d18890af44e6845d282cfac6f4350a0c
bf677f9684fc2e894c3f8669bdcb38d83e24258c
78b2a845f6e17ebf8a84f9a3da94b2a20030631bafd3836676edb38d199571a4
GET /it/u=4241759297,2913637654&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpeg
Content-Length: 45891
Connection: keep-alive
Expires: Mon, 06 Feb 2023 22:50:02 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: d18890af44e6845d282cfac6f4350a0c
Age: 402154
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 22:50:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache60 [1], bdix221 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45891
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2236806891,4120767610&fm=253&fmt=auto&app=120&f=JPEG?w=1067&h=800
182.140.225.35 200 OK 62 kB URL HTTP/2 img2.baidu.com/it/u=2236806891,4120767610&fm=253&fmt=auto&app=120&f=JPEG?w=1067&h=800
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1067x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5c89094f355eab286841ce7e6c8c87c8
814c2d8bc2095a9f19097ccae94b543ce57b90f2
7d2763aa203f0028efa205933b1cf3786e0522a31d1a4687df9407f5017bf253
GET /it/u=2236806891,4120767610&fm=253&fmt=auto&app=120&f=JPEG?w=1067&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 61644
expires: Sat, 04 Mar 2023 02:31:40 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 5c89094f355eab286841ce7e6c8c87c8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 02:31:40 GMT
ohc-cache-hit: cd5ct61 [1], csix111 [4]
ohc-file-size: 61644
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.140.225.35 200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50bc02fce5116e2c8c0934e6020bb6bc
076fcf04bbd75d2a971f79dc64080d6b8041a737
29edd09b28169253b2d0f4fec371c6f704b63fb3cb53992bed6ac03cce78dfe3
GET /it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 38194
expires: Wed, 22 Feb 2023 02:06:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 50bc02fce5116e2c8c0934e6020bb6bc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:06:58 GMT
ohc-cache-hit: cd5ct60 [1], bdix145 [4]
ohc-file-size: 38194
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/109792.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/109792.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/109792.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4285146320,1067032272&fm=253&fmt=auto&app=138&f=PNG?w=168&h=500
12732.url.tudown.com/uploads/images/992394.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/992394.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/992394.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3290309950,244139761&fm=224&app=112&f=JPEG?w=495&h=500
img0.baidu.com/it/u=2763544410,3614962004&fm=253&fmt=auto&app=120&f=JPEG?w=480&h=270
182.242.59.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=2763544410,3614962004&fm=253&fmt=auto&app=120&f=JPEG?w=480&h=270
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c11e950f0351c98e235e750878af90da
597fdd89ac0da512287e6a4f42a539815d2a8562
0fe6b3d6bdc1c898931745a7b8b3d71dfff945562bdddd2ae87ca6c8fd1168ad
GET /it/u=2763544410,3614962004&fm=253&fmt=auto&app=120&f=JPEG?w=480&h=270 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 19638
expires: Fri, 24 Feb 2023 03:01:51 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c11e950f0351c98e235e750878af90da
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 03:01:51 GMT
ohc-cache-hit: km7ct51 [1], xiangyix216 [4]
ohc-file-size: 19638
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/466340.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/466340.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/466340.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3821247245,2431353316&fm=224&app=112&f=PNG?w=500&h=500&s=7384FE0F5C0546DC6A2A2F6C0300F068
img2.baidu.com/it/u=2482915275,1971596915&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=358
182.140.225.35 200 OK 29 kB URL HTTP/2 img2.baidu.com/it/u=2482915275,1971596915&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=358
IP 182.140.225.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb7c158a750fab7e7dbc99a5bb0d559c
58d35b34ef1a6857228c9dd244fc38395671d3d4
d5d88c1cd7489f2632e9b31eb8c7f04e1c841ede0858942efd5094fc2079e363
GET /it/u=2482915275,1971596915&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=358 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:27 GMT
content-type: image/webp
content-length: 29288
expires: Fri, 24 Feb 2023 02:34:48 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: eb7c158a750fab7e7dbc99a5bb0d559c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 02:34:48 GMT
ohc-cache-hit: cd5ct53 [1], xiangyix53 [4]
ohc-file-size: 29288
x-cache-status: MISS
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/644926.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/644926.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/644926.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2635167135,4050530486&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/409983.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/409983.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/409983.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:27 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2734136340,3750608964&fm=253&app=120&f=JPEG?w=1280&h=800
t13.baidu.com/it/u=3290309950,244139761&fm=224&app=112&f=JPEG?w=495&h=500
185.10.104.124 200 OK 30 kB URL HTTP/1.1 t13.baidu.com/it/u=3290309950,244139761&fm=224&app=112&f=JPEG?w=495&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 495x500, components 3\012- data
Hash 45fd1e8c32d024a462fe0cdb129378c1
8b89a43009bc8a8ca2c30551c8be50430acf71d6
0e192f92dc9655c2c41f8e19ca63e716e7733596dc6c30d0fafe745f8a11b7a6
GET /it/u=3290309950,244139761&fm=224&app=112&f=JPEG?w=495&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpeg
Content-Length: 29913
Connection: keep-alive
Expires: Tue, 21 Feb 2023 14:11:22 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 45fd1e8c32d024a462fe0cdb129378c1
Age: 1080937
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 14:11:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache57 [2], suzix235 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29913
X-Cache-Status: HIT
api.share.baidu.com/s.gif?l=http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
182.61.240.101 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 15:47:28 GMT
t13.baidu.com/it/u=3821247245,2431353316&fm=224&app=112&f=PNG?w=500&h=500&s=7384FE0F5C0546DC6A2A2F6C0300F068
185.10.104.124 200 OK 408 kB URL HTTP/1.1 t13.baidu.com/it/u=3821247245,2431353316&fm=224&app=112&f=PNG?w=500&h=500&s=7384FE0F5C0546DC6A2A2F6C0300F068
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size 408 kB (407881 bytes)
Hash 8c027f5b715f3da09bab606b4e6500de
758ef6a83df81dbef576a0a4aed675b5f49c832d
1c31a270b345291d90c642d55069c8bca035f1375d1f7bdfb418be51e842f382
GET /it/u=3821247245,2431353316&fm=224&app=112&f=PNG?w=500&h=500&s=7384FE0F5C0546DC6A2A2F6C0300F068 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/png
Content-Length: 407881
Connection: keep-alive
Expires: Fri, 03 Mar 2023 02:11:56 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 8c027f5b715f3da09bab606b4e6500de
Age: 219010
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 02:11:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache112 [3], czix112 [3]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 407881
X-Cache-Status: HIT
12732.url.tudown.com/uploads/images/728819.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/728819.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/728819.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350
cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
183.136.216.35 200 OK 4.5 kB URL HTTP/2 cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type PNG image data, 44 x 984, 8-bit colormap, non-interlaced
Hash 3e2d110dd13ae372eac3c04347687487
666c77091671206a1ee7202bfa821afa63dfed94
4b86aeb9d139835e6517cef965d3442d8efca774abc2d6befc580ec63aace62e
GET /cpro/ui/noexpire/img/2.0.0/native_ad.png HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:28 GMT
content-type: image/png
content-length: 4514
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
etag: "6246a41f-11a2"
cache-control: max-age=315360000
age: 286388
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Jun 2022 04:49:12 GMT
ohc-cache-hit: shaoxct60 [2], wzix60 [4]
ohc-file-size: 4514
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4285146320,1067032272&fm=253&fmt=auto&app=138&f=PNG?w=168&h=500
183.136.216.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=4285146320,1067032272&fm=253&fmt=auto&app=138&f=PNG?w=168&h=500
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image
Hash fed7e3fc16d6996ab736ca504d728b54
9ed1c503a4c95e0e4c001c99bad26a59830bf3f1
84640c611a67c2889b73000c72077a840fed39062ccb5c5e2b716e70bcf936de
GET /it/u=4285146320,1067032272&fm=253&fmt=auto&app=138&f=PNG?w=168&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 15:47:28 GMT
content-type: image/webp
content-length: 31798
expires: Sun, 26 Feb 2023 00:19:14 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: fed7e3fc16d6996ab736ca504d728b54
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 00:19:14 GMT
ohc-cache-hit: shaoxct58 [1], wzix92 [4]
ohc-file-size: 31798
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 16 kB URL HTTP/1.1 t14.baidu.com/it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3
Hash d4e764303a3eeca53f111a2ccd4bf643
14fef7fd2b41c8dccaed74b09a01fc8f513dc656
3dca47f7d4367d23b36ef6bb9cf86f31b65770b12582136c99a128a4760dd5f7
GET /it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12732.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpeg
Content-Length: 16276
Connection: keep-alive
Expires: Sun, 05 Feb 2023 12:44:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d4e764303a3eeca53f111a2ccd4bf643
Age: 2052390
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 12:44:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache61 [2], qdix103 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 16276
X-Cache-Status: HIT
Timing-Allow-Origin: *
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-7c066e19852cf40019e433a18d5d093bbb76b02e&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&t=1675525681951&r=init
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-7c066e19852cf40019e433a18d5d093bbb76b02e&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&t=1675525681951&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-7c066e19852cf40019e433a18d5d093bbb76b02e&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12732.url.tudown.com%2Fdown%2Ffoxitpdfeditor%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%40418_63004.exe&t=1675525681951&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12732.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 04 Feb 2023 15:47:28 GMT
content-length: 0
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156 204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12732.url.tudown.com/
Origin: http://12732.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12732.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Sat, 04 Feb 2023 15:47:28 GMT
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/361866.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/361866.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/361866.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3542176406,2205480352&fm=224&app=112&f=PNG?w=409&h=389&s=755E11D7FEA33E86623E63A40300C02E
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.204 200 OK 4.7 kB URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.204:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type ASCII text, with very long lines (19539), with no line terminators
Hash afdf292db7e3a74a6887c51d71178c69
9e9f10f2a5defd7a48fe30002fa9c933bf9acbfa
827e8b6d5c2a4cb5800559a481cb49e8222d3b55834f05a0db0f8db02efbe193
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12732.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Sat, 04 Feb 2023 15:45:39 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1675525540
via: cache1.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache8.se1[87,88,200-0,H], cache5.se1[91,0]
age: 102
x-cache: HIT TCP_REFRESH_HIT dirn:1:205964275
x-swift-savetime: Sat, 04 Feb 2023 15:47:22 GMT
x-swift-cachetime: 498
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9916755256421897555e
X-Firefox-Spdy: h2
12732.url.tudown.com/uploads/images/239016.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/239016.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/239016.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2613865349,2155068843&fm=224&app=112&f=JPEG?w=500&h=500
12732.url.tudown.com/uploads/images/895553.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/895553.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/895553.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3105199758,985614764&fm=253&app=120&f=JPEG?w=800&h=1422
12732.url.tudown.com/uploads/images/475523.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/475523.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/475523.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2008333849,631457780&fm=253&fmt=auto&app=138&f=JPEG?w=323&h=300
12732.url.tudown.com/uploads/images/343555.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12732.url.tudown.com/uploads/images/343555.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/343555.jpg HTTP/1.1
Host: 12732.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12732.url.tudown.com/down/foxitpdfeditor%E7%A0%B4%E8%A7%A3%E7%89%88@418_63004.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 15:47:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3750180845,3920682766&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130 200 OK 0 B URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Sat, 04 Feb 2023 15:47:27 GMT
etag: W/"6261299c-371a"
expires: Sat, 04 Feb 2023 16:47:27 GMT
last-modified: Thu, 21 Apr 2022 09:53:32 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c207459d022b37df-143
X-Firefox-Spdy: h2