r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Wed, 25 Jan 2023 13:27:07 GMT
Date: Wed, 25 Jan 2023 10:49:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16065
Expires: Wed, 25 Jan 2023 15:17:19 GMT
Date: Wed, 25 Jan 2023 10:49:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 10:42:49 GMT
content-type: application/json
age: 405
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5948
Expires: Wed, 25 Jan 2023 12:28:42 GMT
Date: Wed, 25 Jan 2023 10:49:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n3EPIYopQRZZjB3+RDx/siqVopoOdaCeCTEt8owuPNwiZBosxFMcxVaS+Ftjsyp1+5SjEzl2guM=
x-amz-request-id: NG285E7G3T036E15
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 10:19:38 GMT
age: 1796
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 10:49:34 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 10:41:40 GMT
age: 475
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
200 OK 8.7 kB URL HTTP/1.1 12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 6c15059de1a0e541fb73829174431477
d22776f4de0d60de74d4489ec078a07418314171
be6bbeb0f490a0ac3f0439030accffd04692dfb21e40dc7542cbb90835245a6d
Analyzer Verdict Alert fortinet Malware
GET /down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9624
Expires: Wed, 25 Jan 2023 13:29:59 GMT
Date: Wed, 25 Jan 2023 10:49:35 GMT
Connection: keep-alive
12230.url.tudown.com/js/orsxg5a.script
200 OK 531 B URL HTTP/1.1 12230.url.tudown.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d0+VYtk4zzFjh9YxuJ+Y3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Db7Co9fZddd3pnF0v2MQEmkWj+Q=
12230.url.tudown.com/template/company/955yx/css/gb.css
200 OK 47 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/css/gb.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Wed, 25 Jan 2023 22:49:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12230.url.tudown.com/template/company/955yx/js/searchword.js
200 OK 1.3 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/js/searchword.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Wed, 25 Jan 2023 22:49:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12230.url.tudown.com/template/company/955yx/js/week_rank.js
200 OK 656 B URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/js/week_rank.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Wed, 25 Jan 2023 22:49:35 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12230.url.tudown.com/template/company/955yx/js/api.js
200 OK 22 B URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/js/api.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Wed, 25 Jan 2023 22:49:35 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12230.url.tudown.com/template/company/955yx/js/script_index2.js
200 OK 2.3 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/js/script_index2.js
IP
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Wed, 25 Jan 2023 22:49:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12230.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
200 OK 41 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:35 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Wed, 25 Jan 2023 22:49:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12230.url.tudown.com/template/company/955yx/js/gb.js
200 OK 7.7 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/js/gb.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Wed, 25 Jan 2023 22:49:36 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43ec508fd796c65b1616c9dcc896b7f1
b0d21e4e4636c1428b4eb17960e7f0a27ca94ab0
8476b98223e285e450bad8a5762450e0a67edc72b2ccb35c63191601139f37c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8476B98223E285E450BAD8A5762450E0A67EDC72B2CCB35C63191601139F37C8"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 25 Jan 2023 16:49:36 GMT
Date: Wed, 25 Jan 2023 10:49:36 GMT
Connection: keep-alive
12230.url.tudown.com/uploads/images/528475.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/528475.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/528475.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500
12230.url.tudown.com/uploads/images/200919.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/200919.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/200919.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1260173943,2543732863&fm=224&app=112&f=JPEG?w=375&h=500
12230.url.tudown.com/static/api/http://12230.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465177
404 Not Found 146 B URL HTTP/1.1 12230.url.tudown.com/static/api/http://12230.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465177
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /static/api/http://12230.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465177 HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12230.url.tudown.com/uploads/images/514930.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/514930.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/514930.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=513815953,3239827336&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/993262.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/993262.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/993262.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2369403815,841701763&fm=253&fmt=auto?w=500&h=889
12230.url.tudown.com/template/company/955yx/images/home.png
200 OK 1.3 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/images/home.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
12230.url.tudown.com/uploads/images/567640.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/567640.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/567640.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1088706344,982398881&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/578162.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/578162.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/578162.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
200 OK 578 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP
Hash 33ddbfe597fb7be933fd01e591e2961b
cf822ef8aaf362adf583daa88500f4f709553890
695de6ea7f8c8ca8cb4b5c8f66d30eec07c04cba3ff0d89760a87be54425edce
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12230.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Wed, 25 Jan 2023 10:47:19 GMT
cache-control: max-age=600
expires: Wed, 25 Jan 2023 10:56:57 GMT
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: POgw68ADY7gEuHUz3AXHibod5uo4Pf3ZBrFpNB6LEbfEeXedxJspyw==
age: 159
X-Firefox-Spdy: h2
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12230.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Thu, 24 Nov 2022 04:21:47 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Sun, 21 Nov 2032 04:21:47 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2b-T_o8aaWbCLvyLOat0N-QXA9IgfTSGnNs23V8G_9HDJUZlaQzqLg==
age: 5380069
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 25 Jan 2023 10:49:36 GMT
Etag: "4078521116"
Expires: Thu, 25 Jan 2024 10:49:36 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=08FE07770D292B439AAB7849518910C0:FG=1; max-age=31536000; expires=Thu, 25-Jan-24 10:49:36 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 49c17f50509e9d8e14429c775f07ee5f
ff586433eff6fdb78da0a23c1ed9069833ab65ab
6474e992b6d82e76dda26899f73d7573d468afb7d58abe4bbbed7e10b2e3a5c7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 29 Jan 2023 08:17:51 GMT
ETag: "ff586433eff6fdb78da0a23c1ed9069833ab65ab"
Last-Modified: Wed, 25 Jan 2023 08:17:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3582
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f071749d95b505-OSL
t13.baidu.com/it/u=1260173943,2543732863&fm=224&app=112&f=JPEG?w=375&h=500
200 OK 42 kB URL HTTP/1.1 t13.baidu.com/it/u=1260173943,2543732863&fm=224&app=112&f=JPEG?w=375&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash 3b5b2fb73ac9d8d6041cd1b0261649a8
8e799d52f87aeede604add028d1bd89495359807
c757195fa1028c6deed739d5fe0ff2c902e65f8af70ef480c133d9fd7631985e
GET /it/u=1260173943,2543732863&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpeg
Content-Length: 41461
Connection: keep-alive
Expires: Sat, 18 Feb 2023 02:52:54 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 3b5b2fb73ac9d8d6041cd1b0261649a8
Age: 377312
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 02:52:54 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache63 [1], xiangyix107 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41461
X-Cache-Status: HIT
Timing-Allow-Origin: *
12230.url.tudown.com/uploads/images/439408.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/439408.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/439408.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=787365942,4163876705&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
t15.baidu.com/it/u=1088706344,982398881&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 43 kB URL HTTP/1.1 t15.baidu.com/it/u=1088706344,982398881&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 7dda212905813e133173193c5839dae5
f4f08b9e8a760fbbaf0160450e8e68abf9e5ab7b
731195aeb7dcdfadb3006b21218bdb0b6313c848b84a95d6d95e85d4b82e52ef
GET /it/u=1088706344,982398881&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpeg
Content-Length: 43276
Connection: keep-alive
Expires: Fri, 10 Feb 2023 13:36:12 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 7dda212905813e133173193c5839dae5
Age: 1172124
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 13:36:11 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache59 [4], bdix59 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43276
X-Cache-Status: HIT
Timing-Allow-Origin: *
12230.url.tudown.com/uploads/images/611808.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/611808.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/611808.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=278482755,2768612802&fm=253&fmt=auto?w=500&h=666
12230.url.tudown.com/uploads/images/116844.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/116844.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/116844.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4172320430,3242179436&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/935908.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/935908.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/935908.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=841177907,1043245467&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 64 kB URL HTTP/1.1 t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 23ff52a9180ce32c627976178f696784
01ad874431bdf6adf60395117e5065b2687571a4
4e03acbe003d62ed6d3817a0d6c4891e3c434a908af3fcc8e1a35209c1dafaaf
GET /it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpeg
Content-Length: 63836
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:19:15 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 23ff52a9180ce32c627976178f696784
Age: 1170770
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:19:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache60 [1], xaix194 [2]
Ohc-Response-Time: 1 0 0 0 0 1
Ohc-File-Size: 63836
X-Cache-Status: HIT
Timing-Allow-Origin: *
12230.url.tudown.com/uploads/images/874933.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/874933.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/874933.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1313203608,3572463302&fm=253&app=120&f=JPEG?w=1280&h=800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5132
Expires: Wed, 25 Jan 2023 12:15:09 GMT
Date: Wed, 25 Jan 2023 10:49:37 GMT
Connection: keep-alive
img1.baidu.com/it/u=513815953,3239827336&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 20 kB URL HTTP/1.1 img1.baidu.com/it/u=513815953,3239827336&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21677a93532fe9c23c89c5e13ad2e23f
08c7495f255c0db0f235958e1ccad2f7a541a469
f871fe50b16da72e9165bdf00f37b38b84670e7760c2b8315b796ebe344cff44
GET /it/u=513815953,3239827336&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/webp
Content-Length: 19910
Connection: keep-alive
Expires: Sat, 28 Jan 2023 14:15:41 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 21677a93532fe9c23c89c5e13ad2e23f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 14:15:41 GMT
Ohc-Cache-HIT: ly4ct73 [1], suzix135 [4]
Ohc-File-Size: 19910
X-Cache-Status: MISS
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 20102
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbbcba4403c1ea4e45ff47894d66e984
8555e8d6a38b78829a7dd2f10eb99bdbb254d89a
c9acd732889f9a58b085ceee3ceb8040fedb1e85ddb9f5b933960472c2f8d147
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3109
x-amzn-requestid: 89df621b-47d8-4127-8e4f-8e57f3244419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKV9hFNKIAMFtlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd9d23-0b4c0b5d2bf8c22b2ada0e9c;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 20:31:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B62xY4rlFNdJGd5ethwkCIwQTsegDVJy6s7OptIr1g_E8GvwttW2sQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 09:39:09 GMT
age: 4228
etag: "8555e8d6a38b78829a7dd2f10eb99bdbb254d89a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7d50173f78bef1429160a353679dd91
695d7913e35a7e086d76c38d7c6f43462b0896df
4c761d1f9fd523750102aea0cce3f8c3cd92918d4c59853415745278292afa4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6231
x-amzn-requestid: 85406169-05a4-4ba9-8a20-5ed2badec48a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEXPmGB_oAMF7Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb38ca-607a23df395511207f5958cd;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 00:58:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wgvWx8V8czjRN96TVCFkx21hxrAuvT7v7D8zcYjD7CJViXFkhp2FoA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:24:28 GMT
age: 19509
etag: "695d7913e35a7e086d76c38d7c6f43462b0896df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 946d8485d39fbe598dc6af86e735061d
4934319819697b4c89466949cd4ef93bb8b9c8b2
7bd130762bfaa189b24e3620e4a54b8e0cc7046ea2d917c37d11a8f248803840
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 5786e270-1aae-45e2-b406-ad9ce4e90c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHH8hEcBIAMFyjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5383-3b3fb6220035b4e34db73fee;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:05:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mVeNR5XqJqAXlMYpaB2oVd1YZDsXvbyDOOz3gkj1kn4roCQLb36RtQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 08:21:17 GMT
age: 8900
etag: "4934319819697b4c89466949cd4ef93bb8b9c8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6c1403a1d3c878c08ccaf17f8b3d0a
7596b783e0da5fba63c49374933eccffc223d729
1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -GQ5kEZvbltzLlBeml1PxYH3ufTrSMApVjDyR_NkR-6-vXfuJHOb0g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:09:45 GMT
age: 41992
etag: "7596b783e0da5fba63c49374933eccffc223d729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:41:44 GMT
age: 22073
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/974118.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/974118.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/974118.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2261180135,2205312572&fm=224&app=112&f=JPEG?w=500&h=281
s.360.cn/so/zz.gif?url=http%3A%2F%2F12230.url.tudown.com%2Fdown%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588%25E5%258D%2595%25E6%2596%2587%25E4%25BB%25B62.2.0.46%40154_256726.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b632f72685522_54f521d@b6
200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12230.url.tudown.com%2Fdown%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588%25E5%258D%2595%25E6%2596%2587%25E4%25BB%25B62.2.0.46%40154_256726.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b632f72685522_54f521d@b6
IP
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12230.url.tudown.com%2Fdown%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588%25E5%258D%2595%25E6%2596%2587%25E4%25BB%25B62.2.0.46%40154_256726.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b632f72685522_54f521d@b6 HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Thu, 01 Aug 2019 13:00:34 GMT
Connection: keep-alive
ETag: "5d42e272-0"
Accept-Ranges: bytes
12230.url.tudown.com/uploads/images/301358.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/301358.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/301358.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=556750638,3305275587&fm=253&fmt=auto?w=500&h=751
12230.url.tudown.com/uploads/images/538114.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/538114.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/538114.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12230.url.tudown.com/uploads/images/734573.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/734573.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/734573.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3066030424,3949745885&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12230.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674643774752
200 OK 8.6 kB URL HTTP/1.1 12230.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674643774752
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash c8a5a82aca0699ad5c5a66589ec0b031
1b8f90e4b331a22a12504e05dc28f8edf88f3115
104c8ceec44d27f6d6db42e2ae9e77d1e7e057cd54c899850f172fc2ad66428c
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674643774752 HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
t13.baidu.com/it/u=2261180135,2205312572&fm=224&app=112&f=JPEG?w=500&h=281
200 OK 13 kB URL HTTP/1.1 t13.baidu.com/it/u=2261180135,2205312572&fm=224&app=112&f=JPEG?w=500&h=281
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash e20bd2c6bff56e365bf91292e7cfbb02
9e0c010755fa9549d2727b9aa999a0189eb74927
dddf782f6a064d33e9679414efbf2f98bc4ed8164a4b11fc1beb7d830cc761ae
GET /it/u=2261180135,2205312572&fm=224&app=112&f=JPEG?w=500&h=281 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpeg
Content-Length: 12925
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:49:28 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e20bd2c6bff56e365bf91292e7cfbb02
Age: 1172505
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:49:28 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache64 [4], bdix84 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 12925
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=278482755,2768612802&fm=253&fmt=auto?w=500&h=666
200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=278482755,2768612802&fm=253&fmt=auto?w=500&h=666
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x666, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd60ed9913920ad4bdcc64df579bb542
ff33791906b03bb82e61e6ac48e656d5688add71
5408996b0e6882c01870ee4090760da03bd68ad7870aa047de870f90000c21b4
GET /it/u=278482755,2768612802&fm=253&fmt=auto?w=500&h=666 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 12190
expires: Fri, 24 Feb 2023 03:44:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: dd60ed9913920ad4bdcc64df579bb542
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 03:44:03 GMT
ohc-cache-hit: nc3ct50 [1], bdix241 [4]
ohc-file-size: 12190
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=787365942,4163876705&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
200 OK 21 kB URL HTTP/1.1 img1.baidu.com/it/u=787365942,4163876705&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e6e6f91e957e18fcfcdf1e58f290e01d
a000d804f9fde94fa1a34b4be331c67e94755422
275ca709dac6740b5bedec9c11f9ca050fff1e35152f47484bf9b2e30b3b028f
GET /it/u=787365942,4163876705&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=700 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/webp
Content-Length: 21380
Connection: keep-alive
Expires: Thu, 16 Feb 2023 05:48:02 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e6e6f91e957e18fcfcdf1e58f290e01d
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 05:48:02 GMT
Ohc-Cache-HIT: ly4ct90 [1], czix207 [4]
Ohc-File-Size: 21380
X-Cache-Status: MISS
img2.baidu.com/it/u=2369403815,841701763&fm=253&fmt=auto?w=500&h=889
200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2369403815,841701763&fm=253&fmt=auto?w=500&h=889
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e197100176d7f25f2750d0aee344270
bd7b28bb3b4f7840d6549d7e64c2d88ed056b524
ad460a78844ff41390f27804e9a4310eba76558c650f223f088a3184b7295328
GET /it/u=2369403815,841701763&fm=253&fmt=auto?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 13296
expires: Thu, 02 Feb 2023 13:58:29 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5e197100176d7f25f2750d0aee344270
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 13:58:29 GMT
ohc-cache-hit: lz3ct76 [1], csix76 [4]
ohc-file-size: 13296
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/template/company/955yx/images/litterstar.png
200 OK 1.7 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/images/litterstar.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
12230.url.tudown.com/uploads/images/318257.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/318257.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/318257.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066
12230.url.tudown.com/uploads/images/681665.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/681665.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/681665.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4124368326,2133245731&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=869
img0.baidu.com/it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500
200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2af1a9879673bb04b71dda6ad809a9c
0f9c04cd347b2e33cc70fa24e0797ee00d0c0c8c
62a69a0a367e7c6c33e6a5920ddc5b7c0a128a8502293ae7f1bd20cffc7884be
GET /it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 26590
expires: Fri, 24 Feb 2023 10:49:37 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: a2af1a9879673bb04b71dda6ad809a9c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 10:49:37 GMT
ohc-cache-hit: nc3ct63 [1], xiangyix101 [2]
ohc-file-size: 26590
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74f874e56e4824b35a037acadfbeedee
ed0f45750497dba51c2e69017c5e184fef3acf06
29210114f36705e4305addba3631a5f6563c73d62da84f17aa193efab381ce07
GET /it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 25826
expires: Mon, 20 Feb 2023 06:25:29 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 74f874e56e4824b35a037acadfbeedee
age: 154272
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:25:29 GMT
ohc-cache-hit: nc3ct52 [4], bdix110 [2]
ohc-file-size: 25826
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=556750638,3305275587&fm=253&fmt=auto?w=500&h=751
200 OK 13 kB URL HTTP/2 img1.baidu.com/it/u=556750638,3305275587&fm=253&fmt=auto?w=500&h=751
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x751, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34634a078f8f9c309ea1ea5f2f1616c5
fdc88e8d881edb3ea59aaf093b469a94bbe54a0b
dd3febd522d4683edeed41bb6d4ffb926ae8b5c981bb37fec4520cfdcb9c542d
GET /it/u=556750638,3305275587&fm=253&fmt=auto?w=500&h=751 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 13394
expires: Mon, 20 Feb 2023 09:56:15 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 34634a078f8f9c309ea1ea5f2f1616c5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:56:15 GMT
ohc-cache-hit: nc3ct76 [1], csix76 [4]
ohc-file-size: 13394
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1313203608,3572463302&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 82 kB URL HTTP/1.1 img1.baidu.com/it/u=1313203608,3572463302&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 4be50f591e4850f763dda9bca1e5fb12
064a088496c95c3c72c21a4994ac5860117a1af6
3b1c7a7881c483063d8ca463c50d22dde1217cb7a11ea37d3a28882f1b709174
GET /it/u=1313203608,3572463302&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpeg
Content-Length: 82411
Connection: keep-alive
Expires: Tue, 07 Feb 2023 12:25:17 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 4be50f591e4850f763dda9bca1e5fb12
Age: 192417
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 12:25:17 GMT
Ohc-Cache-HIT: ly4ct66 [4], czix150 [2]
Ohc-File-Size: 82411
X-Cache-Status: HIT
12230.url.tudown.com/uploads/images/894937.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/894937.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/894937.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2987617574,1591591596&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12230.url.tudown.com/template/company/955yx/images/bgs.png
200 OK 101 kB URL HTTP/1.1 12230.url.tudown.com/template/company/955yx/images/bgs.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:36 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
img2.baidu.com/it/u=841177907,1043245467&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
200 OK 6.3 kB URL HTTP/2 img2.baidu.com/it/u=841177907,1043245467&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fada2a0fe8bd7585941683e4c4d2f5f7
63be12ff11b5af430d15ea1a4524a224ed0c1989
af746bdf6d50a8a395d52ecfeb6886878005fc617cddc333f6a1188b63beeae8
GET /it/u=841177907,1043245467&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 6296
expires: Mon, 20 Feb 2023 09:03:35 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: fada2a0fe8bd7585941683e4c4d2f5f7
age: 115589
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:03:35 GMT
ohc-cache-hit: lz3ct82 [4], suzix226 [4]
ohc-file-size: 6296
x-cache-status: HIT
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/285394.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/285394.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/285394.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=311375509,4058416830&fm=253&app=120&f=JPEG?w=1422&h=800
12230.url.tudown.com/api.php?op=digg&action=show&id=23038
404 Not Found 146 B URL HTTP/1.1 12230.url.tudown.com/api.php?op=digg&action=show&id=23038
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
img1.baidu.com/it/u=3066030424,3949745885&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=3066030424,3949745885&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e8aa3c49c82870a16ca3a1f175848e6
997264a610f5af9ca712e98a3a759d154c2a670f
d86143693b839d09e059593be353cbc95c24508f958d127aa7932789773df80e
GET /it/u=3066030424,3949745885&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 16410
expires: Fri, 17 Feb 2023 08:44:14 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0e8aa3c49c82870a16ca3a1f175848e6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 08:44:14 GMT
ohc-cache-hit: nc3ct82 [1], czix82 [4]
ohc-file-size: 16410
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash cc62c87fafac4982ebc5f7eea02cbd24
6912e785b07ffcd10c3c68c4973fb0b9cf2d4f94
b9dc5054e0288d7f03858a0984f9005492a9d46aad2484c9ae5a593f0ff46a82
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12230.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Wed, 25 Jan 2023 10:49:37 GMT
Etag: 349e553ef31284b5eb685907e4743f75
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=89416B62AB53B5FF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img2.baidu.com/it/u=4124368326,2133245731&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=869
200 OK 44 kB URL HTTP/2 img2.baidu.com/it/u=4124368326,2133245731&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=869
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x869, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 107e27c7c928938ca8e1979cf3802d39
1886595662f8dbdf5fb334a550b4a6b51201c6ff
0dd3d4f3830e01294f6b6c76aef7edd9b4d418fdfdb5a79dc4e575140fb1a40c
GET /it/u=4124368326,2133245731&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=869 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 43848
expires: Tue, 31 Jan 2023 15:57:54 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 107e27c7c928938ca8e1979cf3802d39
age: 18166
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 15:57:54 GMT
ohc-cache-hit: lz3ct93 [4], csix93 [4]
ohc-file-size: 43848
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066
200 OK 50 kB URL HTTP/2 img0.baidu.com/it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1066, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb38cec0ab2a5a57560aee22a763f4c2
74ac5c3a22542e7d4cd45f4be944a8cf57b48b86
0efe946c4bdb5b973331cae8ed855089a4b9fa276ec99736881f402d04f6f524
GET /it/u=1387579112,4009109011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1066 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 49550
expires: Mon, 20 Feb 2023 01:48:52 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: cb38cec0ab2a5a57560aee22a763f4c2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 01:48:52 GMT
ohc-cache-hit: nc3ct69 [1], qdix244 [4]
ohc-file-size: 49550
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4172320430,3242179436&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=4172320430,3242179436&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1677de996d8ec8bb03e2c7df1d52f329
7469ac85b33e8443c1ca96163cb75b813ea37584
1c4686d9486914eafa0bf54869b25f539c2441655bed6d789aa12e527dacca20
GET /it/u=4172320430,3242179436&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 27162
expires: Sat, 04 Feb 2023 02:38:30 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1677de996d8ec8bb03e2c7df1d52f329
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 02:38:30 GMT
ohc-cache-hit: nc3ct60 [1], bdix175 [4]
ohc-file-size: 27162
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
IP
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 Jan 2023 10:49:37 GMT
12230.url.tudown.com/uploads/images/753289.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/753289.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/753289.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
12230.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
200 OK 8.8 kB URL HTTP/1.1 12230.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash ffd3446df164a234e40840b290cc1aa3
ff5034eb0ac39a12c5316c3b5b7505501ddbdc42
675efed1a56b1d8e41f2118190de5b93d053ae600e601601ffe5aa9f039da6ab
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12230.url.tudown.com/uploads/images/610052.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/610052.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/610052.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=807914739,2003369770&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/592671.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/592671.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/592671.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1768473699,1151319005&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
12230.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
200 OK 8.7 kB URL HTTP/1.1 12230.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash a0bfd6eee41a41a16ec0d5753ed9f4db
c2bf04cf251edbe928d5ee6f1022213aa3d4a2d5
c55b9578e33cf2ecdbd358e6c96d47a138e31e8067d606ee29babd6cb41e30cb
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
t15.baidu.com/it/u=807914739,2003369770&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 45 kB URL HTTP/1.1 t15.baidu.com/it/u=807914739,2003369770&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2222da7a5b17b33b461e4eadf3348468
326df80204bf105d6368fce89231ef610d39ed29
d40e58401957b9794bc5935e3b611722080a201d6d2277b031a734caddb7abdd
GET /it/u=807914739,2003369770&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpeg
Content-Length: 44671
Connection: keep-alive
Expires: Wed, 15 Feb 2023 06:27:18 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2222da7a5b17b33b461e4eadf3348468
Age: 204464
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 06:27:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache55 [1], qdix202 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44671
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2987617574,1591591596&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
200 OK 72 kB URL HTTP/2 img0.baidu.com/it/u=2987617574,1591591596&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52f31abd28062c9538c65c2517b0629e
844222201b19ff75c1fc40653ef811e5262bed32
22cbb4075ec9969b86f2076d57d66461cb43d5e47e00c6588ff442632b74c115
GET /it/u=2987617574,1591591596&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:37 GMT
content-type: image/webp
content-length: 71716
expires: Tue, 21 Feb 2023 15:06:08 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 52f31abd28062c9538c65c2517b0629e
age: 95727
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 15:06:08 GMT
ohc-cache-hit: nc3ct54 [4], bdix160 [2]
ohc-file-size: 71716
x-cache-status: HIT
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/796448.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/796448.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/796448.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=290211298,4043390293&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=972021310&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=27921&r=0&ww=1280&u=http%3A%2F%2F12230.url.tudown.com%2Fdown%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588%25E5%258D%2595%25E6%2596%2587%25E4%25BB%25B62.2.0.46%40154_256726.exe&tt=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BAapp%E6%9C%80%E6%96%B0%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=972021310&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=27921&r=0&ww=1280&u=http%3A%2F%2F12230.url.tudown.com%2Fdown%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588%25E5%258D%2595%25E6%2596%2587%25E4%25BB%25B62.2.0.46%40154_256726.exe&tt=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BAapp%E6%9C%80%E6%96%B0%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=972021310&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=27921&r=0&ww=1280&u=http%3A%2F%2F12230.url.tudown.com%2Fdown%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588%25E5%258D%2595%25E6%2596%2587%25E4%25BB%25B62.2.0.46%40154_256726.exe&tt=%E6%BE%B3%E9%97%A8%E5%A8%81%E5%B0%BC%E6%96%AF%E4%BA%BAapp%E6%9C%80%E6%96%B0%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12230.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Jan 2023 10:49:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7F06D9274264852E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
200 OK 45 kB URL HTTP/2 img0.baidu.com/it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 754c97854c3569005080f33ca57b4c69
c5f80eaa826c2f0c72774be47075f07e6bf95e8d
a368f9dc193da5d904b8221893839483c5d9e07ae2d96d5e52b0ec008eee6ecc
GET /it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:38 GMT
content-type: image/webp
content-length: 44878
expires: Fri, 27 Jan 2023 14:01:29 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 754c97854c3569005080f33ca57b4c69
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 14:01:29 GMT
ohc-cache-hit: nc3ct83 [1], czix181 [4]
ohc-file-size: 44878
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/722123.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/722123.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/722123.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/842515.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/842515.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842515.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1422074609,2061739603&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/498250.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/498250.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/498250.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4291037160,677557441&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/213368.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/213368.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/213368.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3112756418,3760479085&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
12230.url.tudown.com/uploads/images/106759.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/106759.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/106759.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170
img0.baidu.com/it/u=1768473699,1151319005&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
200 OK 48 kB URL HTTP/2 img0.baidu.com/it/u=1768473699,1151319005&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 668x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e97e0c35c770324b911150e5d8d277a7
c937c224f7b64272b65eadcc1c101b2def0f3def
889097800f40fd717a89db3bb0dadf3bb531648fcbab8b357db32168264a36fa
GET /it/u=1768473699,1151319005&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:38 GMT
content-type: image/webp
content-length: 47680
expires: Fri, 24 Feb 2023 02:16:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: e97e0c35c770324b911150e5d8d277a7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 02:16:51 GMT
ohc-cache-hit: nc3ct51 [1], qdix93 [2]
ohc-file-size: 47680
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=4291037160,677557441&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 35 kB URL HTTP/1.1 t15.baidu.com/it/u=4291037160,677557441&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 7d2ba90594a7b3f2879e3ba1b66549cc
36a0f98d511079dc98389768c8c42926b543eba8
a5c49605628b10d8235ca5d3402972a7fe017612d0f9c2d3e077bb5a052b00fa
GET /it/u=4291037160,677557441&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 35267
Connection: keep-alive
Expires: Sat, 18 Feb 2023 22:26:04 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 7d2ba90594a7b3f2879e3ba1b66549cc
Age: 379105
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 22:26:04 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache58 [2], csix58 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35267
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=290211298,4043390293&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 35 kB URL HTTP/2 img1.baidu.com/it/u=290211298,4043390293&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cde2a0de9a54f05d05e51bd8618dfd1f
193fab3e6e19f5511b8c63454e7d5d79e5d1bed3
8ca442985ccb66dfa67ac38c69cd9d5cf8ded4a90286d58818f56bec817f4343
GET /it/u=290211298,4043390293&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:38 GMT
content-type: image/webp
content-length: 35002
expires: Tue, 21 Feb 2023 03:09:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: cde2a0de9a54f05d05e51bd8618dfd1f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:09:35 GMT
ohc-cache-hit: nc3ct70 [1], xaix193 [2]
ohc-file-size: 35002
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/982036.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/982036.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/982036.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1613296321,2707174242&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
t13.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 57 kB URL HTTP/1.1 t13.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cdc24465d02cef5dbf5ff3f9eef95822
f688d3e1c68427475d43888b4821ba4fef52f4ef
c4ee317b1038f857654f2dcb1be0f0d7db69fbf10751dd157e32314b6dd26caa
GET /it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 56665
Connection: keep-alive
Expires: Thu, 16 Feb 2023 11:50:35 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: cdc24465d02cef5dbf5ff3f9eef95822
Age: 551171
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 11:50:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache51 [4], qdix66 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56665
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1422074609,2061739603&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 61 kB URL HTTP/1.1 t15.baidu.com/it/u=1422074609,2061739603&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 02944b4cb6d13faaf77903969264b7da
7fb97234e972f46132bb380e35ee26ae312d82e3
0addfa7dffa1a70293a30b935fa75a0a82bd669dfbe0923f34b5cf461ac9ef64
GET /it/u=1422074609,2061739603&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 61299
Connection: keep-alive
Expires: Mon, 30 Jan 2023 23:01:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 02944b4cb6d13faaf77903969264b7da
Age: 1170188
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 23:01:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache58 [4], xaix84 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 61299
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3112756418,3760479085&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
200 OK 6.1 kB URL HTTP/2 img1.baidu.com/it/u=3112756418,3760479085&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e94f2daaca0fd23861fa02226e07bd3
248289a42ae6a2c77fc67318c8209d002ab257d4
2dce3c49271701244ba8ddcd88ff1fdd6a91b5c2ebe69e7b50170fdcb5a8795e
GET /it/u=3112756418,3760479085&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:38 GMT
content-type: image/webp
content-length: 6066
expires: Mon, 20 Feb 2023 03:12:58 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 5e94f2daaca0fd23861fa02226e07bd3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 03:12:58 GMT
ohc-cache-hit: nc3ct55 [1], qdix151 [4]
ohc-file-size: 6066
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/916453.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/916453.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/916453.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280
12230.url.tudown.com/uploads/images/958054.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/958054.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/958054.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1795612250,1469454232&fm=253&app=120&f=JPEG?w=1280&h=800
12230.url.tudown.com/uploads/images/186974.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/186974.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/186974.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2732697616,951863868&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/171663.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/171663.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/171663.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2427161569,316359015&fm=253&fmt=auto&app=138&f=PNG?w=500&h=678
img2.baidu.com/it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170
200 OK 11 kB URL HTTP/2 img2.baidu.com/it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6eb27e67e953452bd8aa193de5261063
bf213f8bfc11c5b46ac957a538e2c638766bf5a3
65fd5973ae85f912637644635f0e28d0ef885312fe574ca86b9545feb0e1f827
GET /it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:38 GMT
content-type: image/webp
content-length: 11032
expires: Wed, 01 Feb 2023 10:59:46 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6eb27e67e953452bd8aa193de5261063
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 10:59:46 GMT
ohc-cache-hit: lz3ct80 [1], csix109 [4]
ohc-file-size: 11032
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/842100.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/842100.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842100.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3490340696,170353092&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=311375509,4058416830&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 144 kB URL HTTP/1.1 img2.baidu.com/it/u=311375509,4058416830&fm=253&app=120&f=JPEG?w=1422&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 144 kB (143672 bytes)
Hash 4181bb62664575b6957e85ff0a6a6aa8
8d20cb86d61ddad1c63f1d0de7b8d9baf16dbc92
05470391cde7e0b982eb1f885764d02f304d55153c9994095a6539fbb2ca2092
GET /it/u=311375509,4058416830&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 143672
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:47:35 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 4181bb62664575b6957e85ff0a6a6aa8
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 02:47:35 GMT
Ohc-Cache-HIT: lz3ct57 [2], czix57 [4]
Ohc-File-Size: 143672
X-Cache-Status: MISS
img1.baidu.com/it/u=1613296321,2707174242&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
200 OK 5.9 kB URL HTTP/2 img1.baidu.com/it/u=1613296321,2707174242&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7477193437b26d4ddd5d2ee4cd679ae8
01fbeae79b2115383da9a44542d72cbb8b43723c
bb6e0feca2a98271937b250f373a193155cc8cd83cf8ec1a9c7a1bd8c99fd6e7
GET /it/u=1613296321,2707174242&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:38 GMT
content-type: image/webp
content-length: 5944
expires: Mon, 20 Feb 2023 01:49:46 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 7477193437b26d4ddd5d2ee4cd679ae8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 01:49:46 GMT
ohc-cache-hit: nc3ct84 [1], xaix172 [2]
ohc-file-size: 5944
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=3490340696,170353092&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 33 kB URL HTTP/1.1 t14.baidu.com/it/u=3490340696,170353092&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 00faea63950129f37ed9997f6ffead8e
8cf3d1d6fd16fb6b1317ffaad8a06dbb49dcf306
5df6a5ad2719d33ed1227aeb9ae596850667a30604e91ed79ce2023b47f05172
GET /it/u=3490340696,170353092&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 33247
Connection: keep-alive
Expires: Thu, 02 Feb 2023 03:15:37 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 00faea63950129f37ed9997f6ffead8e
Age: 1166260
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 03:15:37 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache56 [4], qdix105 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33247
X-Cache-Status: HIT
Timing-Allow-Origin: *
12230.url.tudown.com/uploads/images/161221.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/161221.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/161221.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1095177512,370451936&fm=253&app=120&f=JPEG?w=1280&h=800
t13.baidu.com/it/u=2732697616,951863868&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 64 kB URL HTTP/1.1 t13.baidu.com/it/u=2732697616,951863868&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6da3c8c1548c31414d5fb4f9d47052a0
b20d69654190a4c91a7db96f5b8b78cc93490255
828f8bffc2f675a702c000ee77286599bcd67f46b8a051cbd58604d9677dfa7d
GET /it/u=2732697616,951863868&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 64074
Connection: keep-alive
Expires: Sat, 11 Feb 2023 13:19:55 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 6da3c8c1548c31414d5fb4f9d47052a0
Age: 1099656
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 13:19:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache60 [4], qdix169 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 64074
X-Cache-Status: HIT
Timing-Allow-Origin: *
12230.url.tudown.com/uploads/images/465799.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/465799.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/465799.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465
img1.baidu.com/it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280
200 OK 130 kB URL HTTP/1.1 img1.baidu.com/it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1280, components 3\012- data
Size 130 kB (129574 bytes)
Hash 344dc49c2917924fd4f9a76cc76bdd66
0349335998ee5ef1c701adab79853cbfa115f6e0
2b486a422d08881ca5bceb53b1b6738c5bbfab56589c9f7ec987483c497ed013
GET /it/u=814631857,2793334859&fm=253&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpeg
Content-Length: 129574
Connection: keep-alive
Expires: Thu, 16 Feb 2023 20:55:35 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 344dc49c2917924fd4f9a76cc76bdd66
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 20:55:35 GMT
Ohc-Cache-HIT: ly4ct77 [1], xiangyix120 [4]
Ohc-File-Size: 129574
X-Cache-Status: MISS
12230.url.tudown.com/uploads/images/640944.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/640944.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/640944.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2017304703,1242215758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
12230.url.tudown.com/uploads/images/315417.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/315417.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/315417.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1522662872,1965759140&fm=224&app=112&f=JPEG?w=500&h=500&s=7390348A040547FD30097E7C0300A064
12230.url.tudown.com/uploads/images/767108.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/767108.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/767108.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=95982619,2332546681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=660
12230.url.tudown.com/uploads/images/473296.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/473296.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/473296.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1292743080,1729770249&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
12230.url.tudown.com/uploads/images/logo.png?n=424zxzvrt7s3raxhr2x6jp4542olvzvcwduk5pxfusd6nhej5gmzb2fuupslxo7fqwwold5y&w=250
200 OK 3.8 kB URL HTTP/1.1 12230.url.tudown.com/uploads/images/logo.png?n=424zxzvrt7s3raxhr2x6jp4542olvzvcwduk5pxfusd6nhej5gmzb2fuupslxo7fqwwold5y&w=250
IP
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0236d8914cd39e5074199be9718055c7
68950512e39da024d501891249184d0e933ac2eb
fa0b31a15c94b8f7f2eaf522d4437fc45b488d6d8c2c51aa4e52f7fb922c24de
GET /uploads/images/logo.png?n=424zxzvrt7s3raxhr2x6jp4542olvzvcwduk5pxfusd6nhej5gmzb2fuupslxo7fqwwold5y&w=250 HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
t13.baidu.com/it/u=1522662872,1965759140&fm=224&app=112&f=JPEG?w=500&h=500&s=7390348A040547FD30097E7C0300A064
200 OK 51 kB URL HTTP/1.1 t13.baidu.com/it/u=1522662872,1965759140&fm=224&app=112&f=JPEG?w=500&h=500&s=7390348A040547FD30097E7C0300A064
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f5d70706e5602c22e5ea373201feb1af
8cd1e07f303bc618c5b6ea5e26457323fd0727a6
101f21817fe8fb40b13350f8035ae6b1411f3ce9c34456c23151b2b6b81fd8c3
GET /it/u=1522662872,1965759140&fm=224&app=112&f=JPEG?w=500&h=500&s=7390348A040547FD30097E7C0300A064 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 50857
Connection: keep-alive
Expires: Fri, 24 Feb 2023 03:49:38 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: f5d70706e5602c22e5ea373201feb1af
Age: 6116
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 03:49:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache60 [1], xiangyix206 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50857
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2427161569,316359015&fm=253&fmt=auto&app=138&f=PNG?w=500&h=678
200 OK 85 kB URL HTTP/1.1 img2.baidu.com/it/u=2427161569,316359015&fm=253&fmt=auto&app=138&f=PNG?w=500&h=678
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x678, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1654b0ddbab937efcacadf2d17446cb
33f85f0fda5fff21c571f39bd614e2f43e46c0de
fd10e0920177b7f8af8255178bcf912ea336f27fe8ca38f69829fa1146482958
GET /it/u=2427161569,316359015&fm=253&fmt=auto&app=138&f=PNG?w=500&h=678 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:38 GMT
Content-Type: image/webp
Content-Length: 84772
Connection: keep-alive
Expires: Wed, 22 Feb 2023 12:08:18 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: b1654b0ddbab937efcacadf2d17446cb
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 12:08:18 GMT
Ohc-Cache-HIT: ly4ct86 [1], bdix193 [4]
Ohc-File-Size: 84772
X-Cache-Status: MISS
img0.baidu.com/it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465
200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x465, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b87edffa5a5b85c17ed1cf777ff8e64a
4f0a999ddaa8e74b94f92b37b2b53d57ece33dbb
69636180ac92926eac3bd7ae249002d245aaed2a92f5f076faa003c0d55a0079
GET /it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 11746
expires: Sat, 18 Feb 2023 10:27:42 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b87edffa5a5b85c17ed1cf777ff8e64a
age: 371929
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 10:27:42 GMT
ohc-cache-hit: nc3ct80 [4], suzix242 [4]
ohc-file-size: 11746
x-cache-status: HIT
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/324437.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/324437.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/324437.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2532307423,123337213&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=567
img1.baidu.com/it/u=95982619,2332546681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=660
200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=95982619,2332546681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=660
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x660, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60489781d02029b8c0345377ca202716
e951044b4be6b74c79233d21020dbeef0c78ac7a
88b04e2e000db21e2cb3faa7603fa36a3d64e7ec4cade59caeed0ee1f543f65f
GET /it/u=95982619,2332546681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=660 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 26736
expires: Sun, 19 Feb 2023 19:02:31 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 60489781d02029b8c0345377ca202716
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 19:02:31 GMT
ohc-cache-hit: nc3ct61 [1], xaix191 [4]
ohc-file-size: 26736
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/231545.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/231545.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/231545.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3073216151,354608512&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=2017304703,1242215758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
200 OK 47 kB URL HTTP/2 img1.baidu.com/it/u=2017304703,1242215758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x709, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 790c5f6370a2b636b9378c58b48627a9
07cf51b25dbc9b68b0c3baf399e535b63002324e
5fefb25ea23386798c4cd351e8d8af01009814f47742c731508d0ca03b5be4ad
GET /it/u=2017304703,1242215758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 47398
expires: Mon, 20 Feb 2023 11:20:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 790c5f6370a2b636b9378c58b48627a9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 11:20:35 GMT
ohc-cache-hit: nc3ct60 [1], bdix60 [2]
ohc-file-size: 47398
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/664119.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/664119.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/664119.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1132497384,565619085&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
12230.url.tudown.com/uploads/images/260898.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/260898.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/260898.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3207463898,1981466748&fm=253&fmt=auto&app=138&f=JPEG?w=558&h=500
12230.url.tudown.com/uploads/images/235206.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/235206.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/235206.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2258371971,3122182011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=655
12230.url.tudown.com/uploads/images/880839.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/880839.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/880839.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2569061097,3158056336&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img2.baidu.com/it/u=1292743080,1729770249&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
200 OK 5.9 kB URL HTTP/2 img2.baidu.com/it/u=1292743080,1729770249&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc9ebdd8193534a30aa80d3b6df10f75
8cd8935226fbaf51b96d4ddcf86d534bc4d719ed
edd0619f559525a31db3a5571df5d14f651b5b28fe48b4e68c1910ba44f7b945
GET /it/u=1292743080,1729770249&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 5868
expires: Tue, 21 Feb 2023 07:01:01 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: dc9ebdd8193534a30aa80d3b6df10f75
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 07:01:01 GMT
ohc-cache-hit: lz3ct64 [1], qdix111 [4]
ohc-file-size: 5868
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2532307423,123337213&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=567
200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=2532307423,123337213&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=567
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x567, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 019ef744d77afe8535a4aaa5e7681fa6
80d8204dfc4d0f4e097bb2dfe303c92a8842a3c3
8a9e809d3190c7239204e3f13ff32e339abe2fc6218f561fddf7afb3087bc8eb
GET /it/u=2532307423,123337213&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=567 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 17294
expires: Mon, 20 Feb 2023 03:41:03 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 019ef744d77afe8535a4aaa5e7681fa6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 03:41:03 GMT
ohc-cache-hit: lz3ct64 [1], qdix113 [2]
ohc-file-size: 17294
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3073216151,354608512&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 111 kB URL HTTP/1.1 img1.baidu.com/it/u=3073216151,354608512&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 111 kB (111157 bytes)
Hash 8f1fb5b2ead96639354dcdcd82a255a6
a587768d2d02dc3404034d2c5abdb53fbec97327
4055c62c892a58617e991a9b5191e28d4d9eabc58ffc3e65db3cdc61b5ea83c3
GET /it/u=3073216151,354608512&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 111157
Connection: keep-alive
Expires: Fri, 27 Jan 2023 08:50:34 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 8f1fb5b2ead96639354dcdcd82a255a6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 08:50:34 GMT
Ohc-Cache-HIT: ly4ct99 [1], qdix99 [2]
Ohc-File-Size: 111157
X-Cache-Status: MISS
12230.url.tudown.com/uploads/images/139663.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/139663.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/139663.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4142646779,3529999521&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img1.baidu.com/it/u=1132497384,565619085&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
200 OK 46 kB URL HTTP/2 img1.baidu.com/it/u=1132497384,565619085&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x714, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 462b01651c4a516d55891b0db6d8cd77
82233b2e01c1215de38c22cb9d48010c6d435b63
3538ac2831e17d3fccb844d8678430b9c9c5789b01356f3846ed8bea887a1235
GET /it/u=1132497384,565619085&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 45808
expires: Thu, 02 Feb 2023 04:07:05 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 462b01651c4a516d55891b0db6d8cd77
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 04:07:05 GMT
ohc-cache-hit: nc3ct59 [1], csix59 [4]
ohc-file-size: 45808
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/986969.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/986969.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/986969.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1517900654,3885779548&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
12230.url.tudown.com/uploads/images/594723.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/594723.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/594723.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3207463898,1981466748&fm=253&fmt=auto&app=138&f=JPEG?w=558&h=500
200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=3207463898,1981466748&fm=253&fmt=auto&app=138&f=JPEG?w=558&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 558x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be093b2160c52658968d83ac7572c62a
05fe4aff0fc64098ba5618e98d324a87f65377c0
3cb74ad7f00da4ff1fce405baf458bfabfba32a441002709d9e5915486797f5c
GET /it/u=3207463898,1981466748&fm=253&fmt=auto&app=138&f=JPEG?w=558&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 21568
expires: Mon, 20 Feb 2023 23:50:53 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: be093b2160c52658968d83ac7572c62a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 23:50:53 GMT
ohc-cache-hit: nc3ct59 [1], suzix157 [2]
ohc-file-size: 21568
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2569061097,3158056336&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=2569061097,3158056336&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ddb264971e8522fdadd5851d1bfc537
5d3f73dde2e45cfcf6c86706fab19f6db2545c30
b86381b5575cc7e5054835396fade8709ad9b7bb406a381dc4cb25cda43fb880
GET /it/u=2569061097,3158056336&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 17692
expires: Thu, 23 Feb 2023 12:07:41 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 2ddb264971e8522fdadd5851d1bfc537
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 12:07:41 GMT
ohc-cache-hit: nc3ct62 [2], xiangyix123 [4]
ohc-file-size: 17692
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1095177512,370451936&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 96 kB URL HTTP/1.1 img0.baidu.com/it/u=1095177512,370451936&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 1e5d04ef153a82dbeb02ee9086806bce
2049380e3891567bd285fbf2a1f32deca94f4459
5486146cdedaeec42066e89a065a87c625973dc3d9a8ea6dd22fc1eff9f39800
GET /it/u=1095177512,370451936&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 96106
Connection: keep-alive
Expires: Mon, 13 Feb 2023 03:35:19 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: 1e5d04ef153a82dbeb02ee9086806bce
Age: 955805
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 03:35:19 GMT
Ohc-Cache-HIT: nc3ct68 [2], bdix68 [2]
Ohc-File-Size: 96106
X-Cache-Status: HIT
12230.url.tudown.com/uploads/images/708080.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/708080.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/708080.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
12230.url.tudown.com/uploads/images/243749.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/243749.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/243749.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1751926394,2792397631&fm=253&app=120&f=JPEG?w=1422&h=800
img2.baidu.com/it/u=2258371971,3122182011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=655
200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=2258371971,3122182011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=655
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x655, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0ee87be2001f0edcc0bff174347032f
478cccdf7fb62d954ac36707628ffdd8643d2447
9aacdad4542ecfd0799c19a251f2f26f4c6bfc97fe532d3629d62b2b7c1e9150
GET /it/u=2258371971,3122182011&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=655 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 25920
expires: Sun, 19 Feb 2023 03:53:55 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f0ee87be2001f0edcc0bff174347032f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 03:53:55 GMT
ohc-cache-hit: lz3ct66 [1], xaix125 [2]
ohc-file-size: 25920
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 34 kB URL HTTP/1.1 t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5239510c1c63f9a72c5d26015b121fec
d1e0c875c70db75834d1cd0b38ef37ba508cb5d1
811c688dd7e56bb63c60f5025bee0a9ea69a243e977d95d46174fee000d90d9f
GET /it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 34049
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:14:55 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5239510c1c63f9a72c5d26015b121fec
Age: 1172473
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 02:14:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache64 [1], qdix214 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34049
X-Cache-Status: HIT
Timing-Allow-Origin: *
12230.url.tudown.com/uploads/images/286513.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/286513.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/286513.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=776617868,832928494&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 58 kB URL HTTP/1.1 t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 02c71792996413adf8ba45f77f6a5158
c2b0c33812c343dc3902141ac0b810a9ef79a2a8
3ae1e493cf1f1d206981280336c9b6bcefca4cc949a3065a494986c3ffeb43bc
GET /it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 57512
Connection: keep-alive
Expires: Fri, 10 Feb 2023 06:59:19 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 02c71792996413adf8ba45f77f6a5158
Age: 1171838
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 06:59:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache61 [4], xaix61 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57512
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1795612250,1469454232&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 107 kB URL HTTP/1.1 img0.baidu.com/it/u=1795612250,1469454232&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #134238 CHINANET Jiangx province IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 107 kB (106566 bytes)
Hash 92cabd45a930cd44360667d2c825e6a4
66032c1514d8929f23c1f612fd4c7407d62fac4e
d58cdd3f2e7bed2cd9b201d340028f5d12abfacfd30cbaf73eca31c2024c039b
GET /it/u=1795612250,1469454232&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 106566
Connection: keep-alive
Expires: Fri, 03 Feb 2023 11:16:02 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 92cabd45a930cd44360667d2c825e6a4
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 11:16:02 GMT
Ohc-Cache-HIT: nc3ct50 [1], csix105 [4]
Ohc-File-Size: 106566
X-Cache-Status: MISS
img1.baidu.com/it/u=4142646779,3529999521&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
200 OK 52 kB URL HTTP/2 img1.baidu.com/it/u=4142646779,3529999521&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d581c60fed0be604479fa8b123ab9da7
7f01ce505c3a330f232399d730c57035f48e6112
48ac71be7c3861d8c1d8f8733a0cc0032b3ad55911139249d2fe4e9d5529377f
GET /it/u=4142646779,3529999521&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 51976
expires: Sat, 04 Feb 2023 12:58:40 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d581c60fed0be604479fa8b123ab9da7
age: 156816
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 12:58:40 GMT
ohc-cache-hit: nc3ct65 [4], xiangyix121 [4]
ohc-file-size: 51976
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1517900654,3885779548&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
200 OK 25 kB URL HTTP/2 img0.baidu.com/it/u=1517900654,3885779548&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 16793320685a28490458b2f2f204d005
29e8ed51b73f20d699a1a16dd92a187dcbdfe37e
75ca2aef0b8bdfc7036accb4f68224fb9e907cae4c5d6f82f974bcdb7368f9f2
GET /it/u=1517900654,3885779548&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 25292
expires: Mon, 20 Feb 2023 13:57:55 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 16793320685a28490458b2f2f204d005
age: 206153
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:57:55 GMT
ohc-cache-hit: nc3ct85 [4], bdix138 [2]
ohc-file-size: 25292
x-cache-status: HIT
X-Firefox-Spdy: h2
12230.url.tudown.com/uploads/images/158701.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/158701.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/158701.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2305591158,2094449158&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=353
12230.url.tudown.com/uploads/images/423538.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/423538.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/423538.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2471498749,3070607778&fm=253&app=120&f=JPEG?w=1280&h=800
12230.url.tudown.com/uploads/images/934053.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/934053.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/934053.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img2.baidu.com/it/u=1751926394,2792397631&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 127 kB URL HTTP/1.1 img2.baidu.com/it/u=1751926394,2792397631&fm=253&app=120&f=JPEG?w=1422&h=800
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 127 kB (126932 bytes)
Hash 0443e41685ada4bcab8fe7349b0c4e60
33715077eb33a221bd23509b42497460381086e5
362bcfe605eacb87e97532beebeb5aea6a29cbc2e631545c5b1ccacbc84b9e82
GET /it/u=1751926394,2792397631&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpeg
Content-Length: 126932
Connection: keep-alive
Expires: Sat, 11 Feb 2023 04:48:24 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 0443e41685ada4bcab8fe7349b0c4e60
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 04:48:24 GMT
Ohc-Cache-HIT: lz3ct61 [1], xiangyix130 [4]
Ohc-File-Size: 126932
X-Cache-Status: MISS
12230.url.tudown.com/uploads/images/322352.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/322352.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/322352.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2273221048,3169465287&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=320
12230.url.tudown.com/uploads/images/967419.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12230.url.tudown.com/uploads/images/967419.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/967419.jpg HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:49:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3708912065,2815280509&fm=253&fmt=auto&app=120&f=JPEG?w=801&h=500
img0.baidu.com/it/u=776617868,832928494&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=776617868,832928494&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0907159206ccb15709ecf50bdefa8581
97e7f51da131815b00b14f5c34d209c524224472
a7d8f33d929c277cfdc9422cce5fd664bec114352c03464de71f0e1450c4c757
GET /it/u=776617868,832928494&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:39 GMT
content-type: image/webp
content-length: 30514
expires: Sat, 18 Feb 2023 01:23:33 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0907159206ccb15709ecf50bdefa8581
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 01:23:33 GMT
ohc-cache-hit: nc3ct51 [1], czix157 [4]
ohc-file-size: 30514
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2471498749,3070607778&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 80 kB URL HTTP/1.1 img2.baidu.com/it/u=2471498749,3070607778&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash dd439aab21de68f7373f49d1da0486df
4fc81065f201db4f3bb467284cb1860daff7c04f
0ae289570d5f80c8f438f5f2bbb4e4253f0c82f2efd15da6038bc9dcb3d45c77
GET /it/u=2471498749,3070607778&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12230.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:49:40 GMT
Content-Type: image/jpeg
Content-Length: 79931
Connection: keep-alive
Expires: Sat, 18 Feb 2023 10:46:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: dd439aab21de68f7373f49d1da0486df
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 10:46:38 GMT
Ohc-Cache-HIT: ly4ct64 [1], xaix249 [4]
Ohc-File-Size: 79931
X-Cache-Status: MISS
img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #134238 CHINANET Jiangx province IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e39b5668dc23b0158ee938e0c1aa3d15
f49e076f6263487e76f673763ba6a393a8cbd846
301cf935892094b7be50488fbbd48bad966416c74c155e602d6550a68596e9ee
GET /it/u=879555015,165642413&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:40 GMT
content-type: image/webp
content-length: 36472
expires: Mon, 20 Feb 2023 09:56:29 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e39b5668dc23b0158ee938e0c1aa3d15
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:56:29 GMT
ohc-cache-hit: nc3ct52 [1], wzix52 [4]
ohc-file-size: 36472
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2273221048,3169465287&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=320
200 OK 10 kB URL HTTP/2 img2.baidu.com/it/u=2273221048,3169465287&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=320
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55540055579c61e0683ad5ef1377bb66
903e692509247cde485fbf867a6f25f3e9114ed7
911ecb2c35d42719f987dfb6cdde9422c950aca3c81fce65d7850c6927cfa2a6
GET /it/u=2273221048,3169465287&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=320 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:40 GMT
content-type: image/webp
content-length: 10496
expires: Sat, 04 Feb 2023 03:45:44 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 55540055579c61e0683ad5ef1377bb66
age: 1002457
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 03:45:44 GMT
ohc-cache-hit: lz3ct80 [4], xiangyix218 [4]
ohc-file-size: 10496
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3708912065,2815280509&fm=253&fmt=auto&app=120&f=JPEG?w=801&h=500
200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=3708912065,2815280509&fm=253&fmt=auto&app=120&f=JPEG?w=801&h=500
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 801x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eacc7945e6e12eeb527af9d797496743
04ff7c2602bd625bb947f47417b77c5dad327cb1
df7e9814c974fd90482ce79cf5d20fc66c20cd8143759d6d27d44618a339fefa
GET /it/u=3708912065,2815280509&fm=253&fmt=auto&app=120&f=JPEG?w=801&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:40 GMT
content-type: image/webp
content-length: 12602
expires: Tue, 07 Feb 2023 23:48:06 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: eacc7945e6e12eeb527af9d797496743
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 23:48:06 GMT
ohc-cache-hit: lz3ct71 [1], suzix206 [2]
ohc-file-size: 12602
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2305591158,2094449158&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=353
200 OK 28 kB URL HTTP/2 img2.baidu.com/it/u=2305591158,2094449158&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=353
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f8346dd475698ff8ed4ebeb6bac3d93
90297ebff2a99087e72a9a2f44d3b6f5955aed4b
9a8941616e76d4d4a1d4059f60ca5ec23314edf8757774043707692acd9038a0
GET /it/u=2305591158,2094449158&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=353 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12230.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:49:40 GMT
content-type: image/webp
content-length: 27468
expires: Tue, 31 Jan 2023 23:12:55 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0f8346dd475698ff8ed4ebeb6bac3d93
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 23:12:55 GMT
ohc-cache-hit: lz3ct77 [1], csix65 [4]
ohc-file-size: 27468
x-cache-status: MISS
X-Firefox-Spdy: h2
12230.url.tudown.com/favicon.ico
200 OK 0 B URL HTTP/1.1 12230.url.tudown.com/favicon.ico
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12230.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12230.url.tudown.com/down/%E5%BE%AE%E4%BF%A1%E7%94%B5%E8%84%91%E7%89%88%E5%8D%95%E6%96%87%E4%BB%B62.2.0.46@154_256726.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674643776; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674643776
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:49:40 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
154.218.151.71
34.117.237.239
36.99.3.35
23.33.119.27
104.18.20.226