r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3134
Expires: Wed, 25 Jan 2023 11:47:13 GMT
Date: Wed, 25 Jan 2023 10:54:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15676
Expires: Wed, 25 Jan 2023 15:16:15 GMT
Date: Wed, 25 Jan 2023 10:54:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 10:35:12 GMT
content-type: application/json
age: 1187
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5698
Expires: Wed, 25 Jan 2023 12:29:57 GMT
Date: Wed, 25 Jan 2023 10:54:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d5H5dwFFem600XEi6Kh0IWBkzxwBdbzjQOym7A0dMJVfMWVFDzjk5QzjTPvBSbBiMDvpnMPmNxjEQiCPEw2P0w==
x-amz-request-id: ZFHVEZ5XX90J20S3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 10:48:32 GMT
age: 387
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 10:54:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 10:41:40 GMT
age: 799
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9336
Expires: Wed, 25 Jan 2023 13:30:36 GMT
Date: Wed, 25 Jan 2023 10:55:00 GMT
Connection: keep-alive
12441.url.tudown.com/down/office2003@394_2.exe
154.218.151.71 200 OK 6.5 kB URL HTTP/1.1 12441.url.tudown.com/down/office2003@394_2.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 692e51013dbe56445ddc0522b0726a1c
3c7d1dcb72806acb14a632c01fa6179547e93255
eddce8d3e17c538798d9068af7c891e3af773da6457a16890b7b543a246a7ef7
Analyzer Verdict Alert fortinet Malware
GET /down/office2003@394_2.exe HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
100.20.30.105 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xn+VLFyhT6C16h6B+n/oSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X0Fnt74GUMKwGP4tk3ER0BQssNQ=
12441.url.tudown.com/template/company/42xz/css/common.css
154.218.151.71 200 OK 1.9 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/css/common.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Wed, 25 Jan 2023 22:55:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12441.url.tudown.com/template/company/42xz/css/soft.css
154.218.151.71 200 OK 6.6 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Wed, 25 Jan 2023 22:55:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12441.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12441.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12441.url.tudown.com/template/company/42xz/js/soft.js
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/js/soft.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Wed, 25 Jan 2023 22:55:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12441.url.tudown.com/uploads/images/911113.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/911113.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/911113.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=215469218,2550359939&fm=224&app=112&f=JPEG?w=500&h=500
12441.url.tudown.com/uploads/images/272004.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/272004.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/272004.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500
12441.url.tudown.com/uploads/images/726896.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/726896.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/726896.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500
12441.url.tudown.com/uploads/images/696775.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/696775.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/696775.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3828806880,3054436164&fm=253&app=120&f=JPEG?w=800&h=1280
12441.url.tudown.com/uploads/images/logo.png?n=5gp3nzmfwps3raxgv6g6lknu46kkrzmtqhszjlxfschollvc42oi3zfyvxs37ay&w=250
154.218.151.71 200 OK 3.8 kB URL HTTP/1.1 12441.url.tudown.com/uploads/images/logo.png?n=5gp3nzmfwps3raxgv6g6lknu46kkrzmtqhszjlxfschollvc42oi3zfyvxs37ay&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 3c6a2fe88b6f72fff1fbb8c74f043201
35ab9d46cce975599bcf16361894bb4bd9bea068
67aa18756da5e46eac9d281e7257973332d9872f011c4295a8f85e44549543f8
GET /uploads/images/logo.png?n=5gp3nzmfwps3raxgv6g6lknu46kkrzmtqhszjlxfschollvc42oi3zfyvxs37ay&w=250 HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c6a0dcd28b9e50bc813b8d067f6a74b
65b7850c6a51528bdde393c6789e30664773fbdd
8aa1ffed18b6d8689a9fdc4fd5e0c6abdd21d27eec4e24b37463bb64a790fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA1FFED18B6D8689A9FDC4FD5E0C6ABDD21D27EEC4E24B37463BB64A790FD99"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21329
Expires: Wed, 25 Jan 2023 16:50:30 GMT
Date: Wed, 25 Jan 2023 10:55:01 GMT
Connection: keep-alive
12441.url.tudown.com/template/company/42xz/images/tab_line.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/images/tab_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
12441.url.tudown.com/uploads/images/131346.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/131346.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/131346.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666
12441.url.tudown.com/uploads/images/649554.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/649554.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/649554.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500
12441.url.tudown.com/uploads/images/816096.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/816096.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/816096.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=495767018,3879542817&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=420
12441.url.tudown.com/template/company/42xz/js/jquery.js
154.218.151.71 200 OK 46 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:00 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Wed, 25 Jan 2023 22:55:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Wed, 25 Jan 2023 12:12:31 GMT
Date: Wed, 25 Jan 2023 10:55:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Wed, 25 Jan 2023 12:12:31 GMT
Date: Wed, 25 Jan 2023 10:55:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 46105
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Wed, 25 Jan 2023 12:12:31 GMT
Date: Wed, 25 Jan 2023 10:55:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: eaa1dff1-44ea-47ff-b211-1dd709d9b259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5IGAHIAMFm9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-3ccb4f9322744f546fff8a9a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ImH7pi4LZOZo6IqNquoa5C97jI9U0LdwbEKSDU1Cf4R9pITWYhyAw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:04:43 GMT
age: 24618
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash c7d50173f78bef1429160a353679dd91
695d7913e35a7e086d76c38d7c6f43462b0896df
4c761d1f9fd523750102aea0cce3f8c3cd92918d4c59853415745278292afa4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6231
x-amzn-requestid: 85406169-05a4-4ba9-8a20-5ed2badec48a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEXPmGB_oAMF7Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb38ca-607a23df395511207f5958cd;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 00:58:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8iFgYP3qA9gX0Cr2RgSJzQZ3QNTBHyEKwmKqYYx9EXdM60WOp6AaQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 06:25:50 GMT
age: 16151
etag: "695d7913e35a7e086d76c38d7c6f43462b0896df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 87377a4714ff6d2aef3c4572d2f2a02a
6ed0aa6fd03c0a598f154180b74935f95085c0f9
8a2021df681aac6732de7cf0a2e247a83445eab9a831efa5eb3e340eddeb2a38
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 29 Jan 2023 08:30:36 GMT
ETag: "6ed0aa6fd03c0a598f154180b74935f95085c0f9"
Last-Modified: Wed, 25 Jan 2023 08:30:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 303
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f0796318a2b517-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:47:09 GMT
age: 18472
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 946d8485d39fbe598dc6af86e735061d
4934319819697b4c89466949cd4ef93bb8b9c8b2
7bd130762bfaa189b24e3620e4a54b8e0cc7046ea2d917c37d11a8f248803840
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 5786e270-1aae-45e2-b406-ad9ce4e90c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHH8hEcBIAMFyjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5383-3b3fb6220035b4e34db73fee;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:05:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ffDYSL3N0ZZ2vGX3d94Evnu0SeEkLWwv4HRHdyUYXQ19MstDR4jROA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 09:04:06 GMT
age: 6655
etag: "4934319819697b4c89466949cd4ef93bb8b9c8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 12067
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12441.url.tudown.com/uploads/images/286818.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/286818.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/286818.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2490557759,3024050032&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
12441.url.tudown.com/uploads/images/584654.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/584654.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/584654.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350
12441.url.tudown.com/uploads/images/132606.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/132606.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/132606.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
12441.url.tudown.com/uploads/images/369754.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/369754.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/369754.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=480372950,107206618&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=611
12441.url.tudown.com/uploads/images/517451.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/517451.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/517451.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688
12441.url.tudown.com/uploads/images/170061.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/170061.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/170061.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3415786549,1590726208&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699
t15.baidu.com/it/u=215469218,2550359939&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 14 kB URL HTTP/1.1 t15.baidu.com/it/u=215469218,2550359939&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash d1d1b11a0eb6335b890488dde8050fe2
b6341860d1aba967ee60db54d92c0d4802ebe8a2
64e54ebb5ba944f1d6a38d089fa5320639a44953ece4c69f0d617e57279ebef1
GET /it/u=215469218,2550359939&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpeg
Content-Length: 13803
Connection: keep-alive
Expires: Tue, 07 Feb 2023 18:54:25 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d1d1b11a0eb6335b890488dde8050fe2
Age: 1171142
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 18:54:25 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache58 [4], xiangyix240 [4]
Ohc-Response-Time: 1 0 0 0 0 3
Ohc-File-Size: 13803
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 16 kB URL HTTP/1.1 t14.baidu.com/it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3
Hash d4e764303a3eeca53f111a2ccd4bf643
14fef7fd2b41c8dccaed74b09a01fc8f513dc656
3dca47f7d4367d23b36ef6bb9cf86f31b65770b12582136c99a128a4760dd5f7
GET /it/u=1955930316,1150273715&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpeg
Content-Length: 16276
Connection: keep-alive
Expires: Sun, 05 Feb 2023 12:44:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d4e764303a3eeca53f111a2ccd4bf643
Age: 1170843
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 12:44:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache61 [2], qdix103 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 16276
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 624dd3e8fd2257516c3ee566518986ac
8049fb09f2072e2e5993449e7b3f1ff0a6851861
902fa413c309390611e2c169a9c63dd95629ed6ed4b33646a5bb50558c8936bd
GET /it/u=156742818,3939356844&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpeg
Content-Length: 53043
Connection: keep-alive
Expires: Wed, 22 Feb 2023 02:54:46 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 624dd3e8fd2257516c3ee566518986ac
Age: 136994
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 02:54:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache54 [1], bdix141 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53043
X-Cache-Status: HIT
Timing-Allow-Origin: *
12441.url.tudown.com/uploads/images/996939.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/996939.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/996939.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
12441.url.tudown.com/uploads/images/50711.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/50711.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/50711.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1216087049,1633987925&fm=253&app=120&f=JPEG?w=1422&h=800
t13.baidu.com/it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124 200 OK 307 kB URL HTTP/1.1 t13.baidu.com/it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size 307 kB (306594 bytes)
Hash e1999ffd8f276545ca883bf09cce05fc
dd0ae75e6c0144af72e6598fa806a011b2768272
60a8b37c51966091c7ab299a7501d17fc70e2b89bb20884fdcef9b14d6331151
GET /it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/png
Content-Length: 306594
Connection: keep-alive
Expires: Thu, 02 Feb 2023 02:48:13 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e1999ffd8f276545ca883bf09cce05fc
Age: 1169774
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 02:48:13 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache63 [2], bdix105 [3]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 306594
X-Cache-Status: HIT
12441.url.tudown.com/uploads/images/18553.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/18553.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/18553.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2597466744,3347582294&fm=253&app=120&f=JPEG?w=200&h=200
12441.url.tudown.com/uploads/images/848729.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/848729.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/848729.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1277210242,329471598&fm=224&app=112&f=JPEG?w=500&h=500
12441.url.tudown.com/uploads/images/400551.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/400551.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/400551.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1197081998,3390289667&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12441.url.tudown.com/uploads/images/90171.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/90171.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/90171.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560
t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 25 kB URL HTTP/1.1 t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3
Hash 0eec0e0237fb11b843dc4d8d177a8c89
7bc050b98ed0e2652d1398012acb8f0df8618c38
f5f9a5f0112d61f94c1746eb3611104f7a9c8bd714b351421f8b153acbbbc5ae
GET /it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 24858
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:53:31 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0eec0e0237fb11b843dc4d8d177a8c89
Age: 1173067
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:53:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [1], czix188 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24858
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=1277210242,329471598&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 39 kB URL HTTP/1.1 t13.baidu.com/it/u=1277210242,329471598&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash c56a594bafbb3e6e523f26d2b67eb004
a6b5ae2dae87782a172ff267acfca5561c132e68
7c382464e7fd73b80c94e1a6f1873901324a2d7e6a8bf75241fbdf0faf02a726
GET /it/u=1277210242,329471598&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 39090
Connection: keep-alive
Expires: Tue, 07 Feb 2023 11:52:55 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c56a594bafbb3e6e523f26d2b67eb004
Age: 1170315
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 11:52:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache60 [1], czix155 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39090
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 37 kB URL HTTP/1.1 t15.baidu.com/it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 551eb5bc16e625cbee37678cf26a708e
4f79bc9ef5bcd0187d312b170d56689165e538fb
fb3a7077d60acd6b8917fe877c0fa91bb836700a6b2c603f38f9a1c1cb89eae7
GET /it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 37179
Connection: keep-alive
Expires: Wed, 22 Feb 2023 14:02:09 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 551eb5bc16e625cbee37678cf26a708e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 14:02:09 GMT
Ohc-Upstream-Trace: 58.20.204.56
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache56 [4], suzix85 [4]
Ohc-Response-Time: 1 0 0 0 243 243
Ohc-File-Size: 37179
X-Cache-Status: MISS
Timing-Allow-Origin: *
img1.baidu.com/it/u=495767018,3879542817&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=420
119.96.52.35 200 OK 8.0 kB URL HTTP/2 img1.baidu.com/it/u=495767018,3879542817&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=420
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x420, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b30dea4a9c2ba694d072d5811c0a7f85
f113f37dbe75ea3d357e0ad05dd2e2f6611e17ea
108d8be55ce439107d314b69ecba400a83d45f67804d2f8f6d7525d44cbfec50
GET /it/u=495767018,3879542817&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=420 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 7972
expires: Mon, 20 Feb 2023 16:39:10 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b30dea4a9c2ba694d072d5811c0a7f85
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 16:39:10 GMT
ohc-cache-hit: wh4ct58 [1], suzix96 [4]
ohc-file-size: 7972
x-cache-status: MISS
X-Firefox-Spdy: h2
12441.url.tudown.com/uploads/images/345920.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/345920.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/345920.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2699921481,827172208&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12441.url.tudown.com/uploads/images/942861.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/942861.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942861.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2560484167,498899990&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img0.baidu.com/it/u=2597466744,3347582294&fm=253&app=120&f=JPEG?w=200&h=200
118.112.225.35 200 OK 5.4 kB URL HTTP/1.1 img0.baidu.com/it/u=2597466744,3347582294&fm=253&app=120&f=JPEG?w=200&h=200
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash a75ab1bca19fd26995c1f959477f5fbd
e2577f1b99c607e1961cb7de18db87647ea35a30
5da0bc5c28ee2400f5d7e734779d6fa0dce04ab697751089ebd3cad6108a00fd
GET /it/u=2597466744,3347582294&fm=253&app=120&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 5442
Connection: keep-alive
Expires: Sun, 05 Feb 2023 21:47:00 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: a75ab1bca19fd26995c1f959477f5fbd
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 21:47:00 GMT
Ohc-Cache-HIT: cd6ct85 [1], xaix214 [4]
Ohc-File-Size: 5442
X-Cache-Status: MISS
12441.url.tudown.com/uploads/images/786319.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/786319.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/786319.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2067035217,501997824&fm=253&app=138&f=JPEG?w=800&h=500
12441.url.tudown.com/uploads/images/799800.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/799800.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/799800.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1510827784,2169095313&fm=253&app=120&f=JPEG?w=1422&h=800
12441.url.tudown.com/uploads/images/389729.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/389729.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/389729.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 41d2cd9fd600bb91ad59f62e586f1644
340019bea6b5b65f8d10023462f9554835bac8bb
d25e2b750fff0550d2d90466565c1bd491d9cd77ec118b428e550e733faa5cef
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12441.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Wed, 25 Jan 2023 10:55:02 GMT
Etag: 758a43352c31327269acf95122a7c9fc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=88C3CED89B2378E0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12441.url.tudown.com/uploads/images/310501.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/310501.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/310501.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4047985184,664300682&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=4047985184,664300682&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 63 kB URL HTTP/1.1 t14.baidu.com/it/u=4047985184,664300682&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 8a0a42f125a4b7620ee9a97947033d9e
fa2cde1c6a5fecb6dad3308ddbb89748adb0c634
22ae3117a88f45a0ba891a56960751a5f15217867dfe95c497cf69d8b764bf6d
GET /it/u=4047985184,664300682&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 62655
Connection: keep-alive
Expires: Wed, 01 Feb 2023 08:07:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 8a0a42f125a4b7620ee9a97947033d9e
Age: 1171763
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 08:07:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache60 [4], suzix209 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62655
X-Cache-Status: HIT
Timing-Allow-Origin: *
12441.url.tudown.com/template/company/42xz/images/dian1.png
154.218.151.71 200 OK 1.1 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/images/dian1.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
img1.baidu.com/it/u=2490557759,3024050032&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
119.96.52.35 200 OK 21 kB URL HTTP/2 img1.baidu.com/it/u=2490557759,3024050032&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 498a30224b829c7be0210c6e0cfa5727
42d47beecd440aa3ada66ad8b2c48e59afb2bb5c
61c8363a4aafab61a7db3edb0f9c36a52699a119c48d6c6de7e2e7acdebefa7b
GET /it/u=2490557759,3024050032&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 21130
expires: Wed, 22 Feb 2023 02:25:01 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 498a30224b829c7be0210c6e0cfa5727
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:25:01 GMT
ohc-cache-hit: wh4ct61 [1], xaix147 [2]
ohc-file-size: 21130
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3828806880,3054436164&fm=253&app=120&f=JPEG?w=800&h=1280
118.112.225.35 200 OK 104 kB URL HTTP/1.1 img0.baidu.com/it/u=3828806880,3054436164&fm=253&app=120&f=JPEG?w=800&h=1280
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1280, components 3\012- data
Size 104 kB (104319 bytes)
Hash 07ca7d6b72ba5cab5a749010ad28f964
a4fed56391c13cf5c07163a7fce67ef3b8142f1b
388f018f57bf33a88a5e3e15474b86c409e7cced55847be5ca44584d7e6c0eb8
GET /it/u=3828806880,3054436164&fm=253&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:01 GMT
Content-Type: image/jpeg
Content-Length: 104319
Connection: keep-alive
Expires: Tue, 31 Jan 2023 15:36:27 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 07ca7d6b72ba5cab5a749010ad28f964
Age: 65928
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 15:36:27 GMT
Ohc-Cache-HIT: cd6ct69 [4], suzix231 [4]
Ohc-File-Size: 104319
X-Cache-Status: HIT
12441.url.tudown.com/template/company/42xz/images/dian2.png
154.218.151.71 200 OK 1.1 kB URL HTTP/1.1 12441.url.tudown.com/template/company/42xz/images/dian2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
img1.baidu.com/it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560
119.96.52.35 200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 420x560, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 527f19845f693ce28d294c8a91073e3d
dc59bbae0d4afb7027a1eb32938aa3b006d1433e
9218d38aa6485668e9c74404bcd49b4ee16366127cc34ad0e741690af878d1fd
GET /it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 22996
expires: Wed, 25 Jan 2023 16:42:33 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 527f19845f693ce28d294c8a91073e3d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 16:42:33 GMT
ohc-cache-hit: wh4ct68 [1], xaix142 [4]
ohc-file-size: 22996
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 2e590e1486b261b7f5672b2e4e264a87
91bb8eaf1a07f3a880ed73ee9a3a89b812f6f38c
f5ed9d2fd54192294de3ed62b62900ddfdfd230f07481b9092d6807c44b98a5c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 29 Jan 2023 09:31:39 GMT
ETag: "91bb8eaf1a07f3a880ed73ee9a3a89b812f6f38c"
Last-Modified: Wed, 25 Jan 2023 09:31:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1034
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f07969ba9eb51b-OSL
push.zhanzhang.baidu.com/push.js
112.34.113.148 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 25 Jan 2023 10:55:02 GMT
Etag: "4078521116"
Expires: Thu, 25 Jan 2024 10:55:02 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=96D6E4C5E97EA9BA47A7C7535834967B:FG=1; max-age=31536000; expires=Thu, 25-Jan-24 10:55:02 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12441.url.tudown.com/uploads/images/352820.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/352820.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/352820.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1290045820,3813654257&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
12441.url.tudown.com/uploads/images/450240.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/450240.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/450240.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1198001402,2502885747&fm=253&fmt=auto?w=1422&h=800
12441.url.tudown.com/uploads/images/221576.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/221576.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/221576.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2869376944,240111503&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12441.url.tudown.com/uploads/images/364518.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/364518.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/364518.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=466228858,693931524&fm=224&app=112&f=JPEG?w=500&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1774496423&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=28246&r=0&ww=1280&u=http%3A%2F%2F12441.url.tudown.com%2Fdown%2Foffice2003%40394_2.exe&tt=ag%E5%B8%81%E6%B8%B8(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1774496423&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=28246&r=0&ww=1280&u=http%3A%2F%2F12441.url.tudown.com%2Fdown%2Foffice2003%40394_2.exe&tt=ag%E5%B8%81%E6%B8%B8(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1774496423&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=28246&r=0&ww=1280&u=http%3A%2F%2F12441.url.tudown.com%2Fdown%2Foffice2003%40394_2.exe&tt=ag%E5%B8%81%E6%B8%B8(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12441.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Jan 2023 10:55:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A5D6533AAD37239B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img1.baidu.com/it/u=3415786549,1590726208&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699
119.96.52.35 200 OK 43 kB URL HTTP/2 img1.baidu.com/it/u=3415786549,1590726208&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x699, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b51278d62b15849f870278cc2ff4e802
39d5624a6f113803937b1362c7d89f98e3ff3596
1334f698f5ddd5fc0e640faf434f8c30af2e14171112edfd6994b6c9c1309f43
GET /it/u=3415786549,1590726208&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 42942
expires: Wed, 22 Feb 2023 12:25:17 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b51278d62b15849f870278cc2ff4e802
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 12:25:17 GMT
ohc-cache-hit: wh4ct56 [1], qdix103 [2]
ohc-file-size: 42942
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=466228858,693931524&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 64 kB URL HTTP/1.1 t14.baidu.com/it/u=466228858,693931524&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5a3c9b6af72e31399458e2b07241b7f7
b5bb10be17f5671be734b85ce1681408e2b4bca4
aff2b4ea310479eadbc48c7488dbfc3a2a88a98712504378a7e00c9f34d25548
GET /it/u=466228858,693931524&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 63568
Connection: keep-alive
Expires: Wed, 22 Feb 2023 03:02:24 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 5a3c9b6af72e31399458e2b07241b7f7
Age: 26273
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 03:02:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache64 [4], xaix97 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 63568
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666
119.96.52.35 200 OK 18 kB URL HTTP/2 img1.baidu.com/it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x666, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 51755800a95a363182a79ce4fae6feed
3fd195843ed6c6bceb509a31f1692748d94ecd9e
5553151d55c3457bc6390ac5bc9203137ca8d4f28cf9fdcc3503db892a9c86dd
GET /it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 18526
expires: Thu, 09 Feb 2023 10:08:41 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 51755800a95a363182a79ce4fae6feed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 10:08:41 GMT
ohc-cache-hit: wh4ct61 [1], wzix61 [4]
ohc-file-size: 18526
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=480372950,107206618&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=611
119.96.52.35 200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=480372950,107206618&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=611
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 658x611, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb360b825fab4596ec25e0223de57644
6ec001bc1f5edf596bab8c3c8289aba7deced7f9
5f2177ee15c81900463b66fd780a89fefe04ea10460a9f4b14a24207d681dbc4
GET /it/u=480372950,107206618&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=611 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 22374
expires: Fri, 17 Feb 2023 05:15:57 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: bb360b825fab4596ec25e0223de57644
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 05:15:57 GMT
ohc-cache-hit: wh4ct52 [1], wzix52 [4]
ohc-file-size: 22374
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1197081998,3390289667&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
119.96.52.35 200 OK 46 kB URL HTTP/2 img0.baidu.com/it/u=1197081998,3390289667&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 75267b8758347ce0a64418b3ca458308
c8f40ab25950608e7988eb466195da589eedf9b3
34f0cbbfe7c18e0196df95adc695b9d204c17cc6cee7a6cdc63740d1cc0018c6
GET /it/u=1197081998,3390289667&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 46040
expires: Sat, 04 Feb 2023 03:40:47 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 75267b8758347ce0a64418b3ca458308
age: 22262
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 03:40:47 GMT
ohc-cache-hit: wh4ct67 [4], xiangyix67 [2]
ohc-file-size: 46040
x-cache-status: HIT
X-Firefox-Spdy: h2
12441.url.tudown.com/uploads/images/129974.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/129974.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/129974.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500
12441.url.tudown.com/uploads/images/279262.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/279262.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/279262.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3983821376,693308332&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=388
img0.baidu.com/it/u=2067035217,501997824&fm=253&app=138&f=JPEG?w=800&h=500
118.112.225.35 200 OK 51 kB URL HTTP/1.1 img0.baidu.com/it/u=2067035217,501997824&fm=253&app=138&f=JPEG?w=800&h=500
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3
Hash c0fc80b1fcb5beacdc011b7e6f1c0e30
0b86142ec8708d959743438e96cd4f1de9903ca0
3918aeff8bc84e0948d2da688e3b8d5e84dfa6001af211f0aa5f0d157e787082
GET /it/u=2067035217,501997824&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 50682
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:32:21 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: c0fc80b1fcb5beacdc011b7e6f1c0e30
Age: 557
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 15:32:21 GMT
Ohc-Cache-HIT: cd6ct69 [4], czix206 [2]
Ohc-File-Size: 50682
X-Cache-Status: HIT
12441.url.tudown.com/uploads/images/254110.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/254110.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/254110.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2412793942,4111203969&fm=253&fmt=auto&app=138&f=PNG?w=500&h=566
12441.url.tudown.com/uploads/images/833530.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/833530.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/833530.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=199387386,2089285301&fm=253&fmt=auto&app=138&f=JPG?w=800&h=500
12441.url.tudown.com/uploads/images/845210.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/845210.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/845210.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3706903065,1447992231&fm=253&fmt=auto&app=138&f=JPEG?w=425&h=600
img2.baidu.com/it/u=1216087049,1633987925&fm=253&app=120&f=JPEG?w=1422&h=800
119.96.52.35 200 OK 134 kB URL HTTP/1.1 img2.baidu.com/it/u=1216087049,1633987925&fm=253&app=120&f=JPEG?w=1422&h=800
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3
Size 134 kB (134082 bytes)
Hash 021999d6bd147ffd060fb9e137035f36
44bfc05f9536c739ee989acc7325c5f2ce4a3689
a7c07302528f057aa446a3dbd723d0b8ae49c5f439fa900dd8facd54041a4daf
GET /it/u=1216087049,1633987925&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 134082
Connection: keep-alive
Expires: Sun, 12 Feb 2023 13:43:37 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 021999d6bd147ffd060fb9e137035f36
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 13:43:37 GMT
Ohc-Cache-HIT: wh4ct61 [2], czix141 [4]
Ohc-File-Size: 134082
X-Cache-Status: MISS
12441.url.tudown.com/uploads/images/288419.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/288419.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/288419.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=415071252,2905613793&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
180.97.251.250 200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12441.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Wed, 25 Jan 2023 10:12:58 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Wed, 25 Jan 2023 10:12:58 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1674641578
via: cache68.l2cn1836[0,0,200-0,H], cache28.l2cn1836[0,0], cache8.cn2205[0,0,200-0,H], cache6.cn2205[3,0]
age: 2525
x-cache: HIT TCP_MEM_HIT dirn:13:248457381
x-swift-savetime: Wed, 25 Jan 2023 10:18:10 GMT
x-swift-cachetime: 3288
timing-allow-origin: *
eagleid: b461fb1a16746441030182623e
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2560484167,498899990&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
119.96.52.35 200 OK 66 kB URL HTTP/2 img1.baidu.com/it/u=2560484167,498899990&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash caaa30944a070eaac34c0a1421108e2d
e9a1c054c5fe2e7004d0e74878f99224469f00ce
121fc3714ba45b310d5b84bf04e493ec4856f61fe257ae5a58fd0753407a835c
GET /it/u=2560484167,498899990&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 66432
expires: Wed, 22 Feb 2023 03:01:19 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: caaa30944a070eaac34c0a1421108e2d
age: 26267
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:01:19 GMT
ohc-cache-hit: wh4ct55 [4], xaix247 [2]
ohc-file-size: 66432
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1510827784,2169095313&fm=253&app=120&f=JPEG?w=1422&h=800
118.112.225.35 200 OK 140 kB URL HTTP/1.1 img0.baidu.com/it/u=1510827784,2169095313&fm=253&app=120&f=JPEG?w=1422&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1422x800, components 3
Size 140 kB (139777 bytes)
Hash 4e5ac3253d1111d5242f83fe280d5d40
c3d8c2a7adfe679952a72f62da3a2821d943f1b5
f69d1a3fce1e743afadbcc30aa746613553b4268125bc327770761fb28eba9d2
GET /it/u=1510827784,2169095313&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:02 GMT
Content-Type: image/jpeg
Content-Length: 139777
Connection: keep-alive
Expires: Thu, 23 Feb 2023 06:42:30 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 4e5ac3253d1111d5242f83fe280d5d40
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 06:42:30 GMT
Ohc-Cache-HIT: cd6ct59 [2], suzix162 [4]
Ohc-File-Size: 139777
X-Cache-Status: MISS
12441.url.tudown.com/uploads/images/907287.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/907287.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/907287.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
101.198.192.7 200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Wed, 25 Jan 2023 11:05:03 GMT
KCS-Via: HIT from w-fc01.hkht;MISS from w-sc01.hkht
Content-Encoding: gzip
12441.url.tudown.com/uploads/images/94357.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/94357.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/94357.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3047439696,203865399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
119.96.52.35 200 OK 177 kB URL HTTP/2 img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
IP 119.96.52.35:0
File type GIF image data, version 89a, 640 x 467
Size 177 kB (176756 bytes)
Hash 78d856590b8f34140b86bbd2917d585a
55bcae5ff46d488361a69e454dff3f8628539220
4e6de07ab997c5e735ded37c27205c4b45fe5ea0afb65061ba38c3521764422a
GET /it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/gif
content-length: 176756
expires: Thu, 23 Feb 2023 07:34:00 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 78d856590b8f34140b86bbd2917d585a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 07:34:00 GMT
ohc-cache-hit: wh4ct66 [2], bdix164 [3]
ohc-file-size: 176756
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 27 kB URL HTTP/1.1 t15.baidu.com/it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3
Hash 6fe24e19b0f6369fc494efe1fe0c2f77
9d8b029f2ce7d279c5c2bda71db6e1aad2dc44c0
c46ee8993e733ddf51921e6509761547689726477353b0540c7b929ba1a3cd51
GET /it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpeg
Content-Length: 26714
Connection: keep-alive
Expires: Mon, 30 Jan 2023 10:57:19 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 6fe24e19b0f6369fc494efe1fe0c2f77
Age: 28377
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 10:57:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache52 [1], suzix187 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 26714
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2699921481,827172208&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
119.96.52.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=2699921481,827172208&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 99b3a8bf37cc61dae9b5ab1d847a4073
66b6f025914905ae7f059cffd1c88337413e79e3
42b0b11ace4e7cf96400e54398746e0a2488bb450884a15409c63e6ad2c7f514
GET /it/u=2699921481,827172208&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 30294
expires: Fri, 03 Feb 2023 04:28:24 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 99b3a8bf37cc61dae9b5ab1d847a4073
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 04:28:24 GMT
ohc-cache-hit: wh4ct53 [1], wzix89 [2]
ohc-file-size: 30294
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
119.96.52.35 200 OK 4.9 kB URL HTTP/2 img0.baidu.com/it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 12055e83d6901819ac9d4554e2b048da
77c9f80477e49bd4691bdf9a0d48e23a28a5d095
8faebb08f8d214ad6ed825eb189e34ca8a4e39ca8ff78016d0cbe506fa382da4
GET /it/u=2412254335,3045779806&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 4926
expires: Fri, 03 Feb 2023 13:23:08 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 12055e83d6901819ac9d4554e2b048da
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 13:23:08 GMT
ohc-cache-hit: wh4ct63 [1], csix63 [2]
ohc-file-size: 4926
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688
119.96.52.35 200 OK 39 kB URL HTTP/2 img0.baidu.com/it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x688, Scaling: [none]x[none], YUV color, decoders should clamp
Hash b34da9f1967d287640bc694e4ab8a586
d329d067bc17cfd87f77e2efeefb51c2fb6e1fe6
422f3018723bc1e6f81d9a9d5c66e2f12162a5b0eaf1168f522d49702a586097
GET /it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 38608
expires: Sun, 19 Feb 2023 20:55:02 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b34da9f1967d287640bc694e4ab8a586
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 20:55:02 GMT
ohc-cache-hit: wh4ct56 [1], suzix111 [4]
ohc-file-size: 38608
x-cache-status: MISS
X-Firefox-Spdy: h2
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.11 200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.11:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YcciXRsVoaNzRZp-oGPdX2C1DGNcQFJHxQyrh7wSUO6LzgtiWzgbeg==
Age: 10487198
img0.baidu.com/it/u=1290045820,3813654257&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
119.96.52.35 200 OK 11 kB URL HTTP/2 img0.baidu.com/it/u=1290045820,3813654257&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x180, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 482f51bbd0ab69a6283d11831068194c
cb2a5c93a3ae375b928f021203b908380b22ca56
16e8715821e49bfc59bf0e2cbfcbe407e28228dcebcff541a4a9e11cd6f711df
GET /it/u=1290045820,3813654257&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 11230
expires: Sun, 05 Feb 2023 08:12:01 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 482f51bbd0ab69a6283d11831068194c
age: 122456
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 08:12:01 GMT
ohc-cache-hit: wh4ct67 [4], czix130 [2]
ohc-file-size: 11230
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=199387386,2089285301&fm=253&fmt=auto&app=138&f=JPG?w=800&h=500
119.96.52.35 200 OK 32 kB URL HTTP/1.1 img2.baidu.com/it/u=199387386,2089285301&fm=253&fmt=auto&app=138&f=JPG?w=800&h=500
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c1733bd95f474b8f06fc683184a173ef
739e6fee05a6d981b600120b69efee0429ef309c
da611a26a711e2dcab78e48c1a3cfc12ee7369e6d83106c39525b3e08cebc37e
GET /it/u=199387386,2089285301&fm=253&fmt=auto&app=138&f=JPG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/webp
Content-Length: 31572
Connection: keep-alive
Expires: Thu, 16 Feb 2023 02:48:48 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c1733bd95f474b8f06fc683184a173ef
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 02:48:48 GMT
Ohc-Cache-HIT: wh4ct63 [1], bdix241 [2]
Ohc-File-Size: 31572
X-Cache-Status: MISS
12441.url.tudown.com/uploads/images/963303.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/963303.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/963303.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3640963258,3727474664&fm=224&app=112&f=JPEG?w=500&h=500
12441.url.tudown.com/uploads/images/989411.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/989411.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/989411.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2141134280,549958465&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
img2.baidu.com/it/u=1198001402,2502885747&fm=253&fmt=auto?w=1422&h=800
119.96.52.35 200 OK 93 kB URL HTTP/2 img2.baidu.com/it/u=1198001402,2502885747&fm=253&fmt=auto?w=1422&h=800
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash bdde5195904a8425e0cbac570e54f735
8f62ab6bae60ec4db66a45eb052307383f088965
a21dd148790eaa74bd0595ca32a72f26a790304af766c2eb2f0589e074b3e21f
GET /it/u=1198001402,2502885747&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 93310
expires: Mon, 20 Feb 2023 13:02:14 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: bdde5195904a8425e0cbac570e54f735
age: 89789
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:02:14 GMT
ohc-cache-hit: wh4ct57 [4], suzix170 [2]
ohc-file-size: 93310
x-cache-status: HIT
X-Firefox-Spdy: h2
12441.url.tudown.com/uploads/images/785997.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/785997.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/785997.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1527325839,3265889126&fm=253&app=138&f=JPEG?w=800&h=500
img2.baidu.com/it/u=2869376944,240111503&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
119.96.52.35 200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=2869376944,240111503&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c80433b395f3db818aadee47c292d273
6494dbabbecda7936e6b5a745134532d1b71bd07
e6b2da2137eec0347d7be564cd48b341b28e6be08f6fe43ad3de44c442ceb250
GET /it/u=2869376944,240111503&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:02 GMT
content-type: image/webp
content-length: 37890
expires: Wed, 22 Feb 2023 20:43:56 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c80433b395f3db818aadee47c292d273
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 20:43:56 GMT
ohc-cache-hit: wh4ct64 [1], xiangyix150 [4]
ohc-file-size: 37890
x-cache-status: MISS
X-Firefox-Spdy: h2
12441.url.tudown.com/uploads/images/763769.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12441.url.tudown.com/uploads/images/763769.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/763769.jpg HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
img2.baidu.com/it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500
119.96.52.35 200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 769x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dafd810c22e1f6b604afe4d4c8604184
36b6cbc9a894c207bb3cb8122f2d01755deb34ca
9c13d4e76855c06dd3a7df785442295028de1237874477cb8c26ab703d35630f
GET /it/u=1961932304,1767046630&fm=253&fmt=auto&app=138&f=JPEG?w=769&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 41700
expires: Mon, 30 Jan 2023 16:12:31 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: dafd810c22e1f6b604afe4d4c8604184
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 16:12:31 GMT
ohc-cache-hit: wh4ct61 [1], xaix175 [2]
ohc-file-size: 41700
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3983821376,693308332&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=388
119.96.52.35 200 OK 51 kB URL HTTP/2 img0.baidu.com/it/u=3983821376,693308332&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=388
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 690x388, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f0f060d681642a77c1be60804d019b1
517bf17771bf45b7a6dd7f5d0b4cbc20f7db6e84
bbc95736616898e1a748e8628e41f462178c36892c020f81d1328208dfa04feb
GET /it/u=3983821376,693308332&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=388 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 51082
expires: Tue, 31 Jan 2023 08:05:48 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9f0f060d681642a77c1be60804d019b1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 08:05:48 GMT
ohc-cache-hit: wh4ct51 [1], bdix220 [2]
ohc-file-size: 51082
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12441.url.tudown.com/down/office2003@394_2.exe
182.61.201.93 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12441.url.tudown.com/down/office2003@394_2.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12441.url.tudown.com/down/office2003@394_2.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 Jan 2023 10:55:03 GMT
img2.baidu.com/it/u=2412793942,4111203969&fm=253&fmt=auto&app=138&f=PNG?w=500&h=566
119.96.52.35 200 OK 109 kB URL HTTP/2 img2.baidu.com/it/u=2412793942,4111203969&fm=253&fmt=auto&app=138&f=PNG?w=500&h=566
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x566, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 109 kB (109002 bytes)
Hash f91789b7f7ffc24ff74aa180d0669785
be755720aae16161b14a39335e29acbdc3116a08
ac2b53e934b4ed89941450885469b2158ea1f986fe0c152c8ed95fd0e29e2c9e
GET /it/u=2412793942,4111203969&fm=253&fmt=auto&app=138&f=PNG?w=500&h=566 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 109002
expires: Sun, 12 Feb 2023 21:22:54 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: f91789b7f7ffc24ff74aa180d0669785
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 21:22:54 GMT
ohc-cache-hit: wh4ct56 [1], xiangyix224 [4]
ohc-file-size: 109002
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3706903065,1447992231&fm=253&fmt=auto&app=138&f=JPEG?w=425&h=600
119.96.52.35 200 OK 28 kB URL HTTP/2 img2.baidu.com/it/u=3706903065,1447992231&fm=253&fmt=auto&app=138&f=JPEG?w=425&h=600
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 425x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 838a550eda8e3b6e4309b614d4161ddb
7ffdda15aea8bfd6cee868bde69a36ec39fa919c
dfd3daa64cae47d5522a5a59490d00d3844ae38b2c8f7c0594858fc1370a6d69
GET /it/u=3706903065,1447992231&fm=253&fmt=auto&app=138&f=JPEG?w=425&h=600 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 27946
expires: Sun, 05 Feb 2023 17:42:06 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 838a550eda8e3b6e4309b614d4161ddb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 17:42:06 GMT
ohc-cache-hit: wh4ct57 [1], xaix100 [4]
ohc-file-size: 27946
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=415071252,2905613793&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
119.96.52.35 200 OK 76 kB URL HTTP/2 img1.baidu.com/it/u=415071252,2905613793&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e440648515732d2a3c303793e2019f0d
ef9fc1670e2b34d8e39e2e407f31a2fc7264e5bc
ac532f6e25fff61cc717e5701c03a2c15c8ce919b6984441585de85e5e0ce230
GET /it/u=415071252,2905613793&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 76416
expires: Sat, 18 Feb 2023 05:50:13 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e440648515732d2a3c303793e2019f0d
age: 22375
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 05:50:13 GMT
ohc-cache-hit: wh4ct55 [4], qdix217 [2]
ohc-file-size: 76416
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3047439696,203865399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
119.96.52.35 200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=3047439696,203865399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 131b34ace431e6e4f42c4328ca9c83d9
64457a720868975b44a5dce67826019234b64a5f
68bd0cdfde25baf4580454155e913896655fae765097cef158a181eb173fbc20
GET /it/u=3047439696,203865399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 42046
expires: Wed, 22 Feb 2023 07:03:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 131b34ace431e6e4f42c4328ca9c83d9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 07:03:58 GMT
ohc-cache-hit: wh4ct50 [1], suzix50 [4]
ohc-file-size: 42046
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2141134280,549958465&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
119.96.52.35 200 OK 46 kB URL HTTP/2 img2.baidu.com/it/u=2141134280,549958465&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75ad254749f2bdc3a6751e91a691cbb4
4dce2495a122a23867ab3294c240162c72e87d87
881d0aadb5f6e31cc99a876d3cb9c1d390389da6a933fa9c34a3519cb55b002d
GET /it/u=2141134280,549958465&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 46216
expires: Fri, 17 Feb 2023 16:06:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 75ad254749f2bdc3a6751e91a691cbb4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 16:06:48 GMT
ohc-cache-hit: wh4ct63 [1], qdix85 [2]
ohc-file-size: 46216
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
119.96.52.35 200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
IP 119.96.52.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x681, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc144a19de6edc8fac134a63b616f86e
edf8b5ec243bdafe7002c8adc201c958432ba825
a17bd83bd92e7b4f579877358861a1703ccfffb7ec0c419fb55ca80723b9293b
GET /it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12441.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:55:03 GMT
content-type: image/webp
content-length: 18988
expires: Sun, 19 Feb 2023 07:32:00 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fc144a19de6edc8fac134a63b616f86e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 07:32:00 GMT
ohc-cache-hit: wh4ct50 [1], wzix77 [4]
ohc-file-size: 18988
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1527325839,3265889126&fm=253&app=138&f=JPEG?w=800&h=500
118.112.225.35 200 OK 70 kB URL HTTP/1.1 img0.baidu.com/it/u=1527325839,3265889126&fm=253&app=138&f=JPEG?w=800&h=500
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash b4848be0b4288c82d0afec34c47996da
b75b61273e2e363cf2f2b119ad1c42945522dd28
bd74355b01130e99d965b6221779fb0b41a30da71043339eb914d2bac3d25a94
GET /it/u=1527325839,3265889126&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:03 GMT
Content-Type: image/jpeg
Content-Length: 70227
Connection: keep-alive
Expires: Fri, 24 Feb 2023 10:51:03 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: b4848be0b4288c82d0afec34c47996da
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 10:51:03 GMT
Ohc-Cache-HIT: cd6ct80 [1], suzix146 [4]
Ohc-File-Size: 70227
X-Cache-Status: MISS
s.360.cn/so/zz.gif?url=http%3A%2F%2F12441.url.tudown.com%2Fdown%2Foffice2003%40394_2.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a22_641903e@33a090b29e0c
171.8.167.90 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12441.url.tudown.com%2Fdown%2Foffice2003%40394_2.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a22_641903e@33a090b29e0c
IP 171.8.167.90:0
ASN #137687 Luoyang, Henan Province, P.R.China.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12441.url.tudown.com%2Fdown%2Foffice2003%40394_2.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a22_641903e@33a090b29e0c HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Wed, 25 Jan 2023 10:55:04 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 23 Jul 2019 07:36:18 GMT
Connection: keep-alive
ETag: "5d36b8f2-0"
Accept-Ranges: bytes
12441.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12441.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12441.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12441.url.tudown.com/down/office2003@394_2.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674644101; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674644101
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:55:04 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
t14.baidu.com/it/u=3640963258,3727474664&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 64 kB URL HTTP/1.1 t14.baidu.com/it/u=3640963258,3727474664&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e38afc01042c636cef3e44ea8d57859a
d1df894bbb40dd2f7c6f9b826b754e6a8411ac07
eafc849ffcd6c46dfdbc2f56e7a4873a33e3f6685c5e53da0827eaf66047ab75
GET /it/u=3640963258,3727474664&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12441.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:55:05 GMT
Content-Type: image/jpeg
Content-Length: 64377
Connection: keep-alive
Expires: Wed, 22 Feb 2023 20:45:42 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e38afc01042c636cef3e44ea8d57859a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 20:45:41 GMT
Ohc-Upstream-Trace: 58.20.204.62
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache62 [2], bdix178 [4]
Ohc-Response-Time: 1 0 0 1 1620 1620
Ohc-File-Size: 64377
X-Cache-Status: MISS
Timing-Allow-Origin: *